PixieBrix Product Privacy Description

Last updated May 20, 2025

What does this Product Privacy Description cover?

This Product Privacy Description provides information on how our product processes information on behalf of our business customers. For our Privacy Policy governing the use of our Site and Services, including GDRP policies, see our Privacy Policy.

How we protect your data

We are dedicated to protecting your information and have put in place electronic and procedural safeguards. For more information see our Security and Compliance Overview.

Browser Extension permissions

When you install the Extension, you will be prompted to accept the required permissions. We try to minimize the set of permissions the Extension requests, subject to browser technical limitations.

The use of browser permissions is reviewed by the Google Chrome Web Store team prior to distribution.

Required permissions

Permission
Reason
storage
The Extension stores account settings and configuration locally
tabs
The Extension uses the tabs API in conjunction with the Web Navigation API for three purposes:
  • Load the content script into pages
  • Notify the content script on Single Page Applications (SPAs) of navigation events
  • For multi-tab workflows, track relationship between parent/child tabs
By default, the Extension does not record/modify any information about tabs or their URLs.
activeTab
The activeTab permission allows you to temporarily grant access to a tab to develop a new brick using the developer panel tools.
webNavigation
The Extension uses the Web Navigation API to detect page navigation events on Single Page Applications (SPAs).

By default, the Extension does not automatically store the navigation event data.
contextMenus
The Extension does not add any context menus by default. However, it supports creating new context menu items.
offscreen
Use of an offscreen document for securely running user-defined code, transmitting error telemetry, and capturing tab media
alarms
Used to automatically clear expired storage/cache items at regular intervals.
system.memory
Supports the use of memory-saving features when low available system memory is detected
sidePanel
Support the Chromium side panel to deliver mods alongside any page.
scripting
Used to dynamically inject the content script into frames, e.g., in legacy rich text editor frames.
https://*.pixiebrix.com/*
The Extension communicates with the Web Application to sync the service token and provide a seamless mod activation experience from the Marketplace.
<all_urls>
Allows PixieBrix to display the floating action button, action menu, and to activate mods on any page.
identity
Enables OAuth2 authentication flows with integrations.

Optional permissions

Permission
Reason
clipboardWrite
Improved support for mods that copy information to your clipboard.

Third-party integration privacy

The use of Third-Party Integrations with PixieBrix is optional. PixieBrix only transmits to Third-Party Integration Providers if you configure that provider for use with a mod you activate. The data transmitted, stored, and shared is limited to the data required for mod operation.

Sign in with Google
When you use Sign in with Google to authenticate with PixieBrix, Google provides your name, email address, and profile picture. PixieBrix uses this information to authenticate you. We do not share or sell this information to other third-party tools (such as AI models).

The use of Sign in with Google is optional. To opt out of using Sign in with Google, use Sign in Microsoft or enter your email to receive a registration/login link.

Google Cloud APIs
When you use a Google Cloud API integration, e.g., the Google Translation API, PixieBrix transmits the request to Google. We do not share or sell the information you provide to other third-party tools (such as AI models).

PixieBrix’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

The use of Google Cloud APIs is optional. To opt out of transmitting data to Google Cloud, do not create or use a mod that utilizes a Google Cloud API.

Google Drive
When you use the Google Drive integration, PixieBrix transmits data to/from Google Drive to display available files and/or perform file operations for the mods you activate. We do not share or sell the information transmitted you provide to third-party tools (such as AI models).

PixieBrix’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

The use of Google Drive is optional. To opt out of transmitting data to/from Google Drive, do not configure the Google Drive integration.

Microsoft: Sign in with Microsoft, Microsoft APIs
PixieBrix only shares information with Microsoft if you use Sign in with Microsoft, or configure Microsoft for use with a mod you activate. Data shared with Microsoft is limited to data required for authentication and/or mod operation.

PixieBrix’s use and transfer of information received from Microsoft APIs to any other app will adhere to Microsoft APIs Terms of Use.

OpenAI/ChatGPT
PixieBrix’s use of the OpenAI APIs is subject to their API Data Privacy Policy. Data and metadata transmitted to the OpenAI APIs are not used for training.

Data Sub-processors

The PixieBrix product uses the following Personal Data sub-processors to render the Services on your behalf:

Sub-processor
Purpose
Amazon Web Services, Inc.
Blob storage, e.g., data exports
Salesforce, Inc. (Heroku)
Web Application Hosting
Mixpanel, Inc.
Mod Engagement Telemetry/Reporting
SendGrid, Inc. (Twilio)
System Emails

Artificial Intelligence (AI) policy

By default, PixieBrix does not transmit or share your browsing data or API calls with AI models. You may opt in to using AI by activating or creating a mod that calls an AI model provider.

Responsible disclosure

If you believe you have discovered a vulnerability in one of our products, please email us at [email protected]. We will respond within 3 business days to create a remediation plan.

The following systems and services are in scope:
Any other systems and services, e.g., our third-party service providers, are excluded from scope and not authorized for testing. Please refer to their policies and report any vulnerabilities directly to them

Additionally, the following activities and test methods and not authorized:
  • Revealing the vulnerability to others before it has been resolved
  • Taking advantage of the vulnerability, e.g., by downloading or deleting other user's data beyond what is necessary to demonstrate the vulnerability
  • Network denial of service (DoS or DDoS) tests or other tests that impair access to or damage a system or data
  • Physical testing (e.g. office access), social engineering (e.g. phishing), or any other non-technical vulnerability testing
We do not currently offer monetary compensation for reporting vulnerabilities but will recognize you in the public vulnerability disclosure (unless you desire otherwise).

How to contact us

If you have any questions about our privacy policies and practice, please contact us at [email protected].
2025 PixieBrix, Inc.
Product
Integrations
Platform
Solutions
Industry
BFSI
Contact Center
E-Commerce
Healthcare
Public Sector
Department
Customer Support
Digital COE
Human Resources
Marketing
use cases
AI Writing
AI Detector
AI Image Generator
Announcements
Chat Copilot
Checklists
Decision Trees
Embed RPA
Enterprise AI Search
Image to Text
Smart Bookmarks
Process Intervention
Snippet Manager
Translation
Resources
Certification
Documentation
Templates
Tutorials
About
Contact
Customers
Cookie Policy
Glossary
Media
Pricing
Privacy
Terms