Overview
Sammy ("the Extension") is committed to protecting your privacy. This policy explains how we handle your data.
Data Collection and Storage
Local Storage (In Your Browser)
The Extension collects and stores the following data locally in your browser:
- API Keys: OpenAI API key, Claude API key, Figma personal access token (optional), and JIRA credentials
- Configuration: JIRA domain, project key, and email address
- Preferences: AI provider selection, analytics opt-out status
- Anonymous User ID: A random identifier (not linked to any personal information)
All data is stored using Chrome's secure chrome.storage.sync API and syncs across your Chrome profiles.
Analytics (Optional, Anonymous)
Starting in v1.3.0, Sammy collects anonymous usage analytics to improve the product. You can opt-out anytime in Settings.
What we track:
- Number of stories created
- AI provider used (OpenAI vs Claude)
- Platforms selected (iOS/Android/Web/API)
- Code generation usage (language, success/failure)
- Error rates and types
- Feature usage statistics
What we DO NOT track:
- Your API keys or credentials
- Design content, screenshots, or Figma data
- JIRA ticket titles or descriptions
- Personal information (name, email, etc.)
- IP addresses (handled by analytics service)
- Any user-provided context or input
All analytics data is anonymized and aggregated. We use a random anonymous user ID that is NOT linked to any personal information.
Data Usage
Your data is used exclusively for:
- AI APIs (OpenAI/Claude): Sending Figma screenshots and layer data to generate stories and code
- Figma API: Retrieving layer data from your Figma designs (when token provided)
- JIRA API: Creating story tickets in your specified JIRA project
- Chrome Sync: Syncing your settings across devices logged into the same Chrome account
- Analytics (Optional): Anonymous usage tracking to improve product features
Data Transmission
The Extension transmits data only to:
- api.openai.com and api.anthropic.com: For AI story and code generation
- api.figma.com: For layer data retrieval (optional)
- Your JIRA instance: For ticket creation
- Chrome Sync servers: For settings synchronization
- Analytics service (optional): Anonymous usage metrics (console mode by default, can be configured for GA4/PostHog)
Data Security
- All API keys are stored locally and never sent to our servers
- HTTPS is used for all external API communications
- Analytics data is sanitized to remove ALL PII before transmission
- The Extension is open source for transparency
- You can opt-out of analytics anytime in Settings
Data Retention
Data remains in Chrome storage until you:
- Uninstall the Extension
- Clear the Extension's data
- Remove items from Chrome sync
Third-Party Services
The Extension integrates with:
Analytics services (if enabled):
Children's Privacy
The Extension is not intended for use by children under 13 years of age.
Changes to This Policy
We may update this policy. Changes will be noted with a new "Last Updated" date.
Contact
For privacy concerns, contact: jordancoinjackson@gmail.com
Your Rights
You have the right to:
- Access your stored data (via Chrome settings)
- Delete your data (by clearing Extension data)
- Opt-out (by uninstalling the Extension or disabling analytics in Settings)
Back to Sammy Homepage |
View on GitHub