Chrome Web Store Privacy Policies

Privacy policies for apps and extensions in the Chrome Web Store in accordance with the Developer Program Policies and the Updated Privacy Policy & Secure Handling Requirements.

ICS to GCal

The Chrome extension ICS to GCal allows you to add events from the context menu of .ics file links to a Google calendar of your choice.

In order to fulfill this task, it will use the following data:

the contents of .ics files you use the ICS to GCal context menu entry on

The contents of the .ics files are fetched from the link you used the context menu entry on.

The files are parsed locally using ical.js to extract relevant event information (such as starting/end time, description, …).

The extracted event data is then used to create (or update) an event with this data in the Google calendar you selected (via the Google Calendar API).

a list of the names of your Google calendars:

The names of your Google calendars are solely used to display a list of them in the ICS to GCal context menu entry on links, from which you can choose the calendar into which you want to import the event from the .ics file under that link.

ICS to GCal does not use any other data, and none of the data is shared with any party other than Google (as required to supply event data to the Google Calendar API) or the owner of the website you are requesting an .ics file from (when the file is downloaded by ICS to GCal). In particular, ICS to GCal does not contain trackers of any kind and will not share any data with its maintainer.

All communication with the Google Calendar API is performed via the encrypted HTTPS protocol, all communication with websites hosting .ics files uses the protocol indicated in the link you invoke ICS to GCal on.

smart-pass

The Chrome extension smart-pass allows you to automatically fill login forms with credentials stored in .gpg files in your Google Drive, using a smart card to decrypt the files.

In order to fulfill this task, it will use the following data:

a list of GPG/PGP files in your Google Drive contained within folders with names matching (parts of the) current page at the time you invoke smart-pass (or a manually entered search term)

The names of these files are used to present you with a list of credentials relevant for the current page (or search term).

cached favicons matching the current page at the time you invoke smart-pass (or a manually entered search term)

The favicons are taken from your browser’s cache and used to help you recognize the origin of credentials.

the contents of GPG/PGP files corresponding to the credentials you select in the smart-pass popup

The encrypted contents of these files are fetched via the Google Drive API.

The encrypted content is then decrypted locally by decrypting the contained encrypted session key on a connected smart card or hardware token. The Google Smart Card Connector app and the API calls it exposes are used to communicate with the card or token over a local interface such as USB or your computer’s internal smart card reader.

the PIN for your smart card or hardware token

The PIN is sent to the smart card via the Google Smart Card Connector app and never persisted to disk.

If you use the PIN caching feature, the entered PINs will be kept in memory for as long as the extension remains in memory, i.e., usually until you close all browser windows. You can delete the PIN cache at any time via the context menu of the extension icon. While there is at least one PIN in the cache, the extension icon will also show a “PIN” badge.

the contents of the page you invoke smart-pass autofill feature on

When you select a credential to fill into the current page, the extension will search the page for login forms. If it finds any, it will fill the chosen credentials into the form and submit it automatically (if possible).

smart-pass does not use any other data, and none of the data is shared with any party other than the owner of the website you are requesting smart-pass to fill login credentials into. In particular, smart-pass does not contain trackers of any kind and will not share any data with its maintainer.

All communication with the Google Drive API is performed via the encrypted HTTPS protocol. Note that websites you use smart-pass on may send your filled credentials over an unencrypted connection.