Privacy Policy

Last updated: June 6, 2025

AuthFill is a Chrome extension designed to simplify the autofilling of OTP (One-Time Password) codes and verification links. Your privacy is very important to us. This Privacy Policy explains how AuthFill handles your information.

1. Data We Do Not Persistently Store

AuthFill is designed with a strong commitment to user privacy. We do not:

2. Data We Process and How It Works

AuthFill operates by processing certain data to provide its core functionality. This section explains what data is processed and how:

3. Open-Source Code for Maximum Trust

To ensure maximum transparency and trust, AuthFill's entire code is open-source and publicly available for review. This means you or security experts can inspect how the extension and our server-side components handle your data and verify that our claims regarding data privacy are accurate. You can find our code at:
github.com/authfill/authfill

4. Server Infrastructure and Third-Party Services (Cloudflare)

Our server infrastructure is hosted on Cloudflare. While AuthFill itself does not persistently store your personal data, Cloudflare, as a network infrastructure provider, may collect standard server logs for security, performance, and operational purposes. This is common practice for online services. These logs typically include information such as:

AuthFill has no control over Cloudflare's logging practices, which are governed by Cloudflare's own privacy policy. For more information on how Cloudflare handles data, please refer to their privacy policy directly.

5. No Sharing of Your Personal Data

We do not sell, trade, or otherwise transfer your personal data (including IMAP credentials or email content) to outside parties. The IMAP credentials and email content are processed solely for the purpose of delivering the AuthFill service to you, as described above, and are not shared with any third parties beyond the necessary connection to your email provider.

6. Data Security

We are committed to protecting the security of your information. AuthFill relies on Chrome's secure local storage mechanisms for storing your AuthFill login credentials within the extension. When IMAP credentials and email content are processed on our server, we implement technical and organizational measures to protect this data while it is in transit and being processed. This includes the use of encryption (e.g., HTTPS/TLS) for data transmission and secure processing environments. While no method of transmission over the internet or method of electronic storage is 100% secure, we strive to use commercially acceptable means to protect your information.

7. Children's Privacy

AuthFill is not intended for use by children under the age of 16, and we do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you learn that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from a child under the age of 16 without verification of parental consent, we will take steps to remove that information from our servers.

8. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page within the AuthFill extension's listing or website. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

9. Contact Us

If you have any questions about this Privacy Policy, please contact us: