PageVigil is a webpage-change monitoring extension. This policy explains what data the extension and the optional PageVigil Cloud sync service collect, why, and how it is protected. We follow the Chrome Web Store Developer Program Policies.
a) Account data (only if you enable Cloud Sync). When you create a PageVigil Cloud account we store your email address and a password. Passwords are never stored in plaintext — they are hashed on the server (bcrypt) and a random salt is kept in your local browser storage for end-to-end-encrypted sync.
b) Monitored page content. To detect changes, PageVigil fetches and stores the text/HTML content of the specific webpages you choose to monitor. This content is stored locally in your browser (IndexedDB) and, if Cloud Sync is enabled, in encrypted form on our sync server.
c) Watchlist metadata. We store the URLs, page titles, and check schedules of the pages you add to monitor. This is your configuration, not general browsing history.
d) Optional notification & AI settings. If you configure notifications or AI summaries, the following are stored locally on your device only and are never sent to us: your own email SMTP credentials, Telegram bot token, Slack/Discord webhook URL, and your own LLM API key (used for the Bring-Your-Own-Key AI summary feature).
e) Server logs. The sync server records standard request metadata including IP address and timestamps for security and abuse prevention. Logs are retained only as long as necessary.
f) Payments. Subscriptions are processed on our website through PayPal. The extension never handles card or payment data. We receive only the payer email and plan from PayPal; we do not store card numbers.
storage — local persistence of your watches, settings, and encryption salt.alarms — schedule periodic checks of your monitored pages.activeTab — read the content of the tab you are currently viewing when you click "monitor this page".scripting — inject a content script to extract page text for change detection.notifications — show desktop alerts when a change is detected.tabs — identify the current tab's URL so you can quickly add it to monitoring.cookies — optionally read page cookies so monitored pages behind login can be accessed (only when you enable authenticated monitoring).host permissions (http://*, https://*) — access the specific URLs you choose to monitor, since monitoring targets are user-selected and cannot be known in advance.We do not sell or transfer user data to third parties, except: (1) to our own sync server for the Cloud Sync feature you opt into; (2) to your chosen AI provider using your own API key; (3) to PayPal solely for payment processing on the website. We do not use user data for advertising or credit/loan decisions.
Cloud Sync uses end-to-end encryption: watch data is encrypted on your device with a key derived from your password before it leaves the browser. Passwords are bcrypt-hashed server-side. Sync tokens are JWT-based and expire.
PageVigil is not directed to children under 13 and does not knowingly collect their data.
We will post any changes to this page and update the "Last updated" date.
Questions about this policy: privacy@51skill.top
PageVigil 是一款网页变更监控扩展。本政策说明 扩展 及可选的 PageVigil Cloud 同步服务 收集哪些数据、为何收集,以及如何保护这些数据。我们遵循 Chrome 网上应用店开发者计划政策。
a) 账户数据(仅在你启用云同步时)。 当你创建 PageVigil Cloud 账户时,我们存储你的 邮箱地址 与 密码。密码绝不以明文存储——它们在服务器端经 bcrypt 哈希,随机盐值保存在你的本地浏览器存储中用于端到端加密同步。
b) 被监控页面内容。 为检测变更,PageVigil 会抓取并存储你选择监控的特定网页的 文本/HTML 内容。这些内容存储在你的浏览器本地(IndexedDB),若启用云同步,则以加密形式存储在我们的同步服务器上。
c) 监控列表元数据。 我们存储你添加的监控页面的 URL、页面标题与检查计划。这是你的配置,而非通用浏览历史。
d) 可选的通知与 AI 设置。 若你配置了通知或 AI 摘要,以下数据仅存储在你的设备本地,绝不会发送给我们:你自己的邮箱 SMTP 凭据、Telegram bot token、Slack/Discord webhook URL,以及你自己的 LLM API Key(用于自带 Key 的 AI 摘要功能)。
e) 服务器日志。 同步服务器记录标准请求元数据,包括 IP 地址 与时间戳,用于安全与防滥用。日志仅在必要时保留。
f) 支付。 订阅通过我们的网站经 PayPal 处理。扩展从不处理卡号或支付数据。我们仅从 PayPal 收到付款人邮箱与套餐信息;我们不存储卡号。
storage —— 本地持久化你的监控、设置与加密盐值。alarms —— 为你的监控页面安排周期检查。activeTab —— 当你点击"监控此页"时,读取当前查看标签页的内容。scripting —— 注入内容脚本以提取页面文本用于变更检测。notifications —— 检测到变更时显示桌面告警。tabs —— 识别当前标签页的 URL 以便快速加入监控。cookies —— 可选地读取页面 Cookie,以便访问登录后的监控页面(仅当你启用认证监控时)。host 权限 (http://*, https://*) —— 访问你选择监控的特定 URL,因为监控目标是用户自选、无法预先知晓。我们不出售或转移用户数据给第三方,除非:(1) 为你选择加入的 Cloud Sync 功能同步至我们自己的同步服务器;(2) 使用你自己的 API Key 至你选择的 AI 供应商;(3) 仅用于网站支付处理至 PayPal。我们不将用户数据用于广告或信贷/贷款决策。
Cloud Sync 使用端到端加密:监控数据在离开浏览器前,使用由你的密码派生的密钥在你的设备上加密。密码在服务器端经 bcrypt 哈希。同步令牌基于 JWT 且会过期。
PageVigil 不面向 13 岁以下儿童,也不会有意收集其数据。
我们会在本页发布任何变更并更新"最后更新"日期。
关于本政策的疑问:privacy@51skill.top