Privacy Policy — Nippy Chrome Extension
Last updated: 3 July 2026
This policy explains what the Nippy browser extension ("the extension") accesses and why. For the Nippy service as a whole, see our main Privacy Policy.
Who we are
The extension is published by Nippy (nippy.host), the static-site and file host. Contact: [email protected].
What the extension does
The extension lets you upload files, screenshots, right-clicked images, and pasted HTML to your own Nippy account and returns a public nippy.site share link. It is a thin client for the Nippy service you already use at nippy.host.
What data the extension accesses, and why
- A scoped Nippy access token. When you click "Connect with Nippy", you approve the extension on nippy.host's own consent screen (the same OAuth flow used for AI connectors). That approval issues the extension a scoped access token that can publish and update sites — and nothing more: it cannot delete sites, read your account details beyond the workspace name, or touch billing. The token is stored in your browser's local extension storage, is sent only to Nippy's own API (
api.nippy.host), and can be revoked at any time from Settings → API & MCP on nippy.host. - Files, screenshots, images, and HTML you choose to share. When you drop a file, paste HTML, capture a screenshot, or right-click an image and pick "Share image to …", the extension uploads those bytes to your Nippy account's storage (Cloudflare R2, via a time-limited upload URL issued by the Nippy API). You initiate every upload; the extension never uploads anything automatically or in the background.
- Local settings. The extension stores small preferences in your browser's local extension storage — which of your sites is the current "Drop" site and the most recent share link — so the popup can show them. This never leaves your browser.
What we do NOT do
- We do not sell or rent your data to anyone.
- We do not use or transfer your data for any purpose unrelated to the extension's single purpose (uploading your files to your Nippy account).
- We do not use your data for creditworthiness or lending.
- The extension contains no analytics, advertising, or third-party tracking.
- The extension does not read page content beyond an image you explicitly right-click to share. Fetching those images requires a one-time permission that Chrome asks you for on your first image share; even after you grant it, the extension only ever fetches the exact image you right-clicked, at the moment you ask it to.
Third parties
Uploaded files are stored in Nippy's infrastructure (Cloudflare R2) and served from nippy.site, exactly as when you upload through the nippy.host website. No other third parties receive your data through the extension.
Data retention and deletion
Files you upload are part of your Nippy account and are governed by Nippy's main service terms and privacy policy. You can delete sites and files at any time from the nippy.host dashboard. Uninstalling the extension removes its local settings.
Changes
We may update this policy; the "Last updated" date above will change. Material changes will be reflected in the Web Store listing.
See also our main Privacy Policy and Terms of Service.