Privacy Policy
Effective: April 27, 2026. Last updated: April 27, 2026.
1. About this policy
This Privacy Policy applies to the NanoFocus browser extension ("NanoFocus", "the extension") published by Loophead Labs LLC ("we", "us", "our"). It also covers the marketing website at nanofocus.app separately in Section 10. This policy is consistent with the general Loophead Labs privacy approach and discloses the extension-specific details that the Chrome Web Store requires publishers to publish.
2. What NanoFocus does, in privacy terms
NanoFocus produces summaries of the article you are currently reading. All summarization runs on your device using Chrome's built-in Summarizer API, which is powered by the locally installed Gemini Nano model. The text of articles you summarize is never transmitted to any server operated by NanoFocus, Loophead Labs, or any third party. There is no cloud LLM in the loop.
You can verify this directly: open Chrome DevTools, switch to the Network tab, and click Summarize. You will see no outbound requests to an LLM endpoint at any point during summarization.
3. What data NanoFocus accesses
When you click the toolbar icon, the right-click "Summarize this page" menu, or the Summarize button in the side panel, NanoFocus reads the readable text of the active tab so it can be passed to Chrome's on-device Summarizer API. Specifically:
- Article text from the active tab. Read once per invocation, processed locally, then discarded after the summary is rendered.
- Tab URL and title. Used to label history entries and to check whether the current domain is on your auto-summary list. Stored locally only if you save the summary to history.
NanoFocus does not read or access tabs other than the one you have explicitly invoked it on.
4. What stays on your device
The following information lives locally in chrome.storage on your machine and is never transmitted anywhere:
- Your selected mode (TLDR, Paragraph, Outline, Key points) and length (Short, Medium, Long) preferences.
- Your summary history (most recent 50 entries by default; you can wipe it at any time with the "Clear all" button on the History tab).
- Your per-domain auto-summary opt-in list.
- Your daily usage counter (for free-tier rate limiting).
- A locally cached flag indicating whether you have an active Pro license.
5. What leaves your device
The NanoFocus extension makes only one category of network call: a license-status check against ExtensionPay (operated by Glench, LLC) when it needs to verify whether you are on the Free or Pro tier. That request includes an opaque user identifier generated by ExtensionPay; it does not include any article content, summary content, history, or browsing data.
If you upgrade to Pro, the payment flow opens a hosted page at extensionpay.com in a new tab. ExtensionPay processes the payment via Stripe. NanoFocus does not see your card details. The payment relationship is between you and ExtensionPay / Stripe, governed by their own privacy policies (extensionpay.com and stripe.com/privacy).
6. Third-party services
NanoFocus uses exactly one third-party service, and only on the Pro tier:
- ExtensionPay (Glench, LLC), which uses Stripe to process one-time Pro purchases. ExtensionPay's privacy policy is published at extensionpay.com.
The NanoFocus extension itself uses no analytics providers (no Google Analytics, no Firebase, no Mixpanel, no anything), no advertising networks, and no tracking pixels. We do not sell, rent, or share any data with third parties for any purpose.
7. Children's privacy
NanoFocus is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has used the extension in a way that raises concern, please contact us.
8. Data security
Because no NanoFocus-controlled servers receive your data, there is no server-side data store to breach. All locally stored data uses the same browser-managed isolation Chrome applies to any extension's chrome.storage namespace.
The ExtensionPay license check uses standard HTTPS. The payment flow at Stripe Checkout uses Stripe's PCI-compliant infrastructure.
9. Open Source Attribution
NanoFocus bundles two open source libraries inside the extension package:
- Readability.js by Mozilla, used to extract the readable article content from the active tab. Licensed under the Apache License 2.0.
- ExtPay.js by ExtensionPay, used to verify Pro license status. Licensed under MIT.
10. Website Analytics (nanofocus.app)
The marketing website at nanofocus.app, which hosts this Privacy Policy and the setup page, uses Vercel Web Analytics to measure aggregate traffic. This is a separate system from the extension, and no data from inside the extension is ever sent to it.
Vercel Web Analytics is designed to be privacy-preserving. Specifically, it:
- Does not set cookies or use any other client-side persistent identifiers.
- Does not fingerprint your device or browser.
- Does not track you across other sites.
- Hashes visitor IP addresses with a daily-rotated salt so that individual visitors cannot be re-identified, and discards the raw IP.
- Collects only page URL, referrer, country (derived at request time), and user-agent category (mobile vs. desktop).
Because no cookies or personal identifiers are set, no consent banner is required under GDPR, ePrivacy, or CCPA. More details are available in Vercel's Web Analytics privacy documentation. Standard Do-Not-Track signals and ad-blocker rules will block the analytics script, and the site remains fully functional without it.
To be clear: the NanoFocus extension itself uses no analytics at all. Sections 2 through 5 describe the extension's zero-collection design. Section 10 only applies to visits to the marketing website.
11. Policy Changes
We may update this Privacy Policy as the extension evolves. Changes will be posted at this URL and reflected by the Effective Date above. Material changes will also be noted in the extension's release notes on the Chrome Web Store.
12. Contact
For questions about this Privacy Policy or NanoFocus, please contact: dev@loopheadlabs.com