Privacy Policy

Traceo Chrome Extension

Last updated: May 13, 2026

This policy reflects the Traceo Chrome extension as released for Manifest V3 (current manifest version 1.8, Chrome Web Store listing: Traceo — UI Inspection & Visual Bug Reports).

Overview

Traceo is a Chrome extension for visual CSS inspection, responsive (Responsify) preview, screenshots, annotations, and video UI bug reporting.

Traceo is local-first by default: most inspection and capture processing happens in your browser on your device.

Traceo also includes optional online features:

  • Account sign-in and account/profile operations (via Supabase)
  • Signed-in free-tier monthly usage counters synced to the Traceo backend for plan limits (via Supabase)
  • Traceo Pro subscriptions: checkout and customer billing are handled via Paddle on traceo.dev, with entitlement state stored in Traceo backends (via Supabase and Paddle webhook processing)
  • Shareable recording links (via the Traceo video share API on Cloudflare)
  • Limited messages from traceo.dev / www.traceo.dev to the extension (see Communication from Traceo websites below)

If you do not sign in or use optional online flows, Traceo can be used without an account.

Data Collection Summary

| Data Type | Collected? | Stored Where? | Transmitted Externally? |
|---|---|---|---|
| Page DOM/style data for inspection | Yes (only when you use inspect features) | On-device (runtime memory) | No |
| Screenshots / annotated images | Yes (only when you capture/save) | On-device (chrome.storage.local, downloads, clipboard) | No |
| Video recordings | Yes (only when you start recording) | On-device (IndexedDB/download) | No (unless you use Share Link) |
| Recording metadata (URL, title, viewport/window size, timestamps) | Yes (during recording) | On-device | No (unless you use Share Link) |
| Console/network/action telemetry for recordings | Optional (advanced recording toggles) | On-device (viewer data) | No (unless you use Share Link) |
| Account data (email, auth profile fields) | Optional (if you sign in) | On-device + Supabase | Yes |
| Auth/session tokens | Optional (if you sign in) | On-device (chrome.storage.local) | Yes (used for authenticated API calls) |
| Usage/counter data for limits | Yes for signed-in free-tier enforcement; offline/local fallbacks otherwise | On-device + Supabase (feature_usage_rolling_30d when signed in) | Yes (when signed in, for quota enforcement) |
| Subscription/billing metadata (plan tier, subscription status, Paddle-related identifiers as applicable) | Optional (if you use Traceo Pro or trial) | Supabase (and payment details processed by Paddle) | Yes |
| Analytics/tracking SDK events | No | N/A | No |

Recording Telemetry Notes

When enabled by you in advanced recording options, Traceo can include console logs, network request summaries, and action timeline data in the recording viewer.

  • Network URLs are sanitized to origin + pathname (query string and hash are removed).
  • Sensitive headers (for example authorization, cookie, token, secret, set-cookie) are redacted before storage/export.
  • Header values are also truncated for safety.

This telemetry is stored locally unless you explicitly create a share link.
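
The sanitization rules listed above, sketched as an added example; this is not Traceo's own code. The function names, the substring matching on header names, and the 64-character truncation limit are assumptions, since the policy does not state them.

```javascript
// Added illustration, not Traceo's code. Matching rule and length limit are assumptions.
const SENSITIVE_MARKERS = ["authorization", "cookie", "token", "secret", "set-cookie"];
const MAX_HEADER_VALUE_LENGTH = 64; // assumed; the policy states no number

// Keep origin + pathname only: query string, hash and userinfo are dropped.
function sanitizeUrl(rawUrl) {
  let url;
  // Never fall back to storing the raw string when parsing fails.
  try { url = new URL(rawUrl); } catch { return "[unparseable-url]"; }
  // data:, blob: and similar schemes have no usable origin and may embed content.
  if (url.protocol !== "http:" && url.protocol !== "https:") return url.protocol + "[omitted]";
  return url.origin + url.pathname;
}

// Substring match on the lower-cased name, so "X-Api-Token" is caught as well.
function isSensitiveHeader(name) {
  const lower = String(name).toLowerCase();
  return SENSITIVE_MARKERS.some((marker) => lower.includes(marker));
}

// Redact sensitive headers entirely; truncate every other value.
function sanitizeHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers ?? {})) {
    const text = String(value);
    if (isSensitiveHeader(name)) out[name] = "[redacted]";
    else if (text.length > MAX_HEADER_VALUE_LENGTH) out[name] = text.slice(0, MAX_HEADER_VALUE_LENGTH) + "...";
    else out[name] = text;
  }
  return out;
}

function sanitizeNetworkEvent(event) {
  return {
    method: event.method, status: event.status,
    url: sanitizeUrl(event.url),
    requestHeaders: sanitizeHeaders(event.requestHeaders),
    responseHeaders: sanitizeHeaders(event.responseHeaders),
  };
}

// Constructed sample event (not captured traffic).
const SAMPLE_EVENT = {
  method: "GET", status: 200,
  url: "https://user:pw@api.example.test/v1/orders/42?session=abc123#frag",
  requestHeaders: { Authorization: "Bearer abc123", "X-Api-Token": "t-1", "User-Agent": "A".repeat(200) },
  responseHeaders: { "Set-Cookie": "sid=xyz; HttpOnly", "Content-Type": "application/json" },
};
console.log(sanitizeNetworkEvent(SAMPLE_EVENT));
```

Identifiers embedded in the path itself (for example a token used as a path segment) survive origin + pathname sanitization, so they are worth checking for before a recording is shared.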

Outbound Network Requests

1) Authentication and account features (optional)

If you sign in, Traceo communicates with your configured Supabase project for:

  • signup/signin/signout
  • OAuth code exchange (including Google OAuth flow)
  • token refresh
  • profile fetch/update
  • entitlement and usage reads/writes tied to authenticated features

Data may include email, user id, auth tokens, profile fields, and signed-in quota usage rows required for account features.

2) Share Link for recordings (optional)

If you click Share Link in the recording viewer, Traceo uploads:

  • the recorded video blob
  • optional trace payload (recording metadata and captured telemetry shown in viewer)

to the configured Traceo video share API (Cloudflare Worker + R2/KV storage).

Hosting retention for shared uploads depends on your account entitlement at finalize time:

  • Default free hosting uses a short TTL (typically about three days, driven by server configuration such as RETENTION_SECONDS; links and stored objects expire on that horizon unless otherwise stated in-product).
  • Traceo Pro (paid entitlement or trial mapped to paid retention in Traceo backends) may receive longer-lived hosted storage and KV metadata without that short TTL; objects still persist subject to deletion by you (for example via “My recordings”), product changes, or operational cleanup.

The Worker may check entitlement server-side using Supabase profiles. Service-role secrets are never included in the shipped extension ZIP.

3) Traceo Pro / Paddle subscriptions (optional)

When you subscribe or manage Traceo Pro from traceo.dev, Paddle runs checkout and the customer billing portal. Paddle collects and processes payment instruments and billing contact details under Paddle’s privacy notices and agreements.

Traceo’s Supabase-backed services (including Edge Functions such as billing-checkout, billing-portal, and paddle-webhook) process subscription lifecycle notifications and store entitlement-related fields tied to your user id (for example subscription status and Paddle identifiers on profiles / billing_* tables as applicable).

4) Asset export/download

If you export/download discovered assets, Traceo requests those asset URLs from their origin servers/CDNs to fetch bytes for download/zip operations.

Communication from Traceo websites

Traceo declares externally_connectable for https://traceo.dev and https://www.traceo.dev only.

From those origins, first-party Traceo pages you open can send limited typed messages to the extension—for example handing off an authenticated browser session after website sign-in, or prompting the extension to refresh subscription-derived entitlements. Other sites cannot use this channel.

Permissions and Why They Are Needed

Host Permissions (http://*/*, https://*/*)

Needed so Traceo can run inspection/capture/recording and responsive preview features on pages you choose to use it on. Traceo is user-driven. It does not run as a background web scraper independent of your extension actions.

Extension Permissions

| Permission | Purpose |
|---|---|
| activeTab | Capture active tab when requested |
| tabs | Tab/window context, messaging, recording coordination |
| scripting | Inject Traceo scripts/overlays into pages |
| sidePanel | Side panel UI |
| storage | Local preferences, session state, saved data |
| unlimitedStorage | Increases local storage quota so longer recordings are more reliably persisted on-device |
| offscreen | Offscreen recording/finalization flows |
| alarms | Timers for recording/session/auth maintenance |
| windows | Recording window/focus orchestration |
| clipboardWrite | Copy values/images/share links on explicit user action |
| identity | OAuth flow support (chrome.identity) |
| webNavigation | Navigation-aware recording/auth callback handling |
| webRequest | Optional network event capture during recordings |
| declarativeNetRequest, declarativeNetRequestWithHostAccess | Responsify preview compatibility (frame/CSP header adjustments where required) |
| cookies | User-invoked site cookie clearing in Responsify tools |
| browsingData | User-invoked per-origin cache/storage clearing tools |

Storage and Retention

Traceo uses:

  • chrome.storage.session for transient runtime state
  • chrome.storage.local for preferences, auth tokens (if signed in), and saved local artifacts
  • IndexedDB for recording binaries/viewer artifacts
  • unlimitedStorage permission support to reduce quota-related failures when saving larger local recordings

Local data remains until cleared by you, extension cleanup routines, or extension uninstall.

How to clear data

  • Uninstall Traceo, or
  • Clear extension/site data in Chrome, or
  • Use Traceo controls that clear scoped site cache/cookies/storage (Responsify tools)

For account/server-side data (Supabase profile/auth records, billing rows, Paddle-processed subscriptions, shared recording metadata hosted by Traceo), contact support for deletion requests.

Third-Party Services

Depending on features you use, Traceo may use:

  • Supabase (authentication, profile/account data, signed-in usage limits, entitlement/billing rows, Edge Functions)
  • Cloudflare Worker / R2 / KV (optional share-link video hosting; entitlement-aware retention server-side)
  • Paddle (payment processing and subscription management when you subscribe through Traceo checkout)

Traceo does not include advertising SDKs or third-party product-analytics SDKs inside the extension package.

Payment details you enter appear in Paddle’s flows; consult Paddle’s documentation for how they handle that data.

Security Notes

  • Extension code is packaged with the extension and loaded from extension assets.
  • Sensitive auth/session data is stored locally in extension storage when account features are used.
  • Shared recording links and hosted objects expire or persist according to the tiered retention described above.

Changes to This Policy

We may update this Privacy Policy as Traceo evolves. The "Last updated" date above reflects the latest revision.

Contact

If you have privacy questions or deletion requests: