Privacy Policy

Last updated: June 15, 2026

This privacy policy applies to the OTP Scanner - TOTP Codes Chrome extension ("the Extension").

Summary

The Extension stores your two-factor authentication (2FA) account secrets locally in your browser. We do not collect, transmit, sell, or share your data with any server or third party.

Data the Extension handles

• TOTP shared secrets (Base32 keys)
• Account labels and issuer names (e.g. "GitHub", "user@example.com")
• Algorithm and digit settings for each account

This data is classified as authentication information and is considered sensitive.

How data is stored

All account data is saved using chrome.storage.local on your device only. It never leaves your computer through the Extension. No accounts are synced to cloud services operated by the developer.

Camera access

When you scan a QR code, the Extension requests access to your webcam through the browser. Video is processed locally in real time to detect QR codes. Camera frames are not recorded, stored, or transmitted.

Data sharing

The Extension does not share, sell, or transfer user data to third parties. The only way data leaves the Extension is when you explicitly copy an OTP code to your clipboard.

Limited Use disclosure

The Extension's use of information received from Chrome APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

• Data is used solely to generate and display one-time passwords.
• Data is not used for advertising, creditworthiness, or lending purposes.
• Humans do not read your authentication secrets.

Data retention and deletion

Data remains on your device until you remove an account in the Extension, clear extension storage, or uninstall the Extension.

Children

The Extension is not directed at children under 13.

Changes

We may update this policy. The "Last updated" date at the top will reflect any changes.

Contact

For privacy questions, contact: pranjal.3vyas@gmail.com