Privacy Policy

PTT Search Hub · Last updated: June 12, 2026

    Summary: This extension uses Google Sign-In only to verify that you
    belong to an authorized Google Group. No search data, task keys, or results are ever
    collected or transmitted to the developer. All search data stays on your device.
  

1. Overview

PTT Search Hub ("the Extension") is a Chrome browser extension that lets authorized users bulk-search task keys on live.pttgps.com and export results as CSV. Access is restricted to members of a specific Google Group. This policy describes what data the Extension accesses and how it is handled.

2. Data We Access

The Extension accesses the following data solely to provide its core functionality:

Google Account email address — used once at sign-in to verify Google Group membership (see Section 4)
Task keys, model codes, and Jira issue keys entered by the user in the extension interface
Web page content from live.pttgps.com, retrieved using your existing login session
Search results and sign-in state, stored locally via chrome.storage.local

3. Data We Do NOT Collect

The Extension does not:

Store, log, or retain your Google account email on any server
Collect, transmit, or share task search data with the developer or any third party
Send search data to any server other than live.pttgps.com
Track user behavior or browsing history
Use analytics, advertising, or telemetry services
Access data from any website other than live.pttgps.com and the authorization endpoint described below

4. Sign-In & Authorization (Google Group Check)

When you click "Sign in with Google," the Extension requests an access token via Chrome's built-in Identity API (chrome.identity) with the userinfo.email scope only — no other Google data is requested.

This token is sent to a Google Apps Script endpoint controlled by the developer, which:

Verifies the token directly with Google's official token-info endpoint to retrieve your email address
Checks whether that email address is a member of an authorized Google Group
Returns only an allow/deny result (and your email/name for display in the extension UI) — nothing is written to a database or stored server-side

If you are not a member of the authorized group, you will be shown a link to request access. The Extension cannot be used without successful sign-in and group verification.

5. Local Data Storage

Your sign-in status (email, name) and search results are saved locally on your device using Chrome's built-in storage API (chrome.storage.local) so they persist across browser sessions. This data never leaves your device and can be cleared at any time using the Sign out or Clear buttons within the extension.

6. Permissions Explanation

identity — Required to sign in with Google and obtain an access token for group-membership verification
tabs — Required to open the search interface in a new browser tab
storage — Required to save and restore sign-in state and search results locally on your device
host_permissions (live.pttgps.com) — Required to fetch task data from the PTT platform using your existing authenticated session
host_permissions (script.google.com / script.googleusercontent.com) — Required to call the authorization endpoint that verifies Google Group membership

7. Authentication to live.pttgps.com

The Extension does not collect or store live.pttgps.com login credentials. It uses your existing browser session (cookies) on live.pttgps.com, which is managed entirely by Chrome and the PTT platform.

8. Contact

If you have questions about this privacy policy, please contact:
yoon.wesley71@gmail.com