01What data we collect
None. TokenYou collects no personally identifiable information, no credentials, no communications, no location, no browsing history and no user activity. There are no accounts, no sign-up, and no TokenYou server that data could be sent to.
02What TokenYou reads, and how
For each platform you explicitly enable, the extension makes a background request to that platform's own usage endpoint —the same one the platform uses to show you your own consumption— and reads only the quota numbers: percentage used, remaining units and reset times. Endpoints read:
Requests are same-origin: your browser attaches your session automatically. The extension does not have the cookies permission and never sees or reads your session credential.
03What TokenYou never does
- Never reads your conversations. No extension code runs inside the platforms' pages. It cannot access your chat content, even in principle.
- Never reads your cookies or session token.
- Never records the pages you visit, your clicks, your keystrokes or your location.
- In the one case where HTML is downloaded (Gemini, to obtain two technical tokens its usage API needs), those values are used ephemerally in memory and discarded; the page content is never stored or transmitted.
04Storage
Usage percentages and reset times are stored in chrome.storage.local — that is, on your own device. They are not synced to the cloud, not uploaded anywhere, and you can clear them at any time by removing platforms or uninstalling the extension.
05Permissions
The manifest declares only two permissions: storage (to keep the numbers locally) and alarms (to refresh usage in the background without a polling loop). Access to each site is an optional permission you grant platform by platform and can revoke whenever you want. Freshly installed, TokenYou has access to no site.
06Third parties
There are no third parties. TokenYou does not sell or transfer data (there is no data to sell), and includes no analytics, no ad SDKs, no external dependencies and no remote code. It communicates with no server other than the AI platforms you enabled.
07Open source and verifiable
TokenYou is free software under the MIT license. Its full source is public on GitHub, and the published package is byte-for-byte reproducible from a tagged commit: anyone can confirm that what's installed is exactly that code. You don't have to trust this policy — you can verify it.
08Changes to this policy
If this policy changes, it will be updated on this page and in the repository, with its date. Substantial changes will also be reflected in the corresponding release notes.
09Contact
Questions or concerns: open an issue on the GitHub repository. TokenYou is part of the Escriba ecosystem.