Loop Feedback — Chrome Extension Privacy Policy
Last updated: 18 June 2026
This page describes what the Loop Feedback Chrome extension captures, where it is stored, how long it is kept, and how to delete it. The extension is published by the operator of app.looph.ing ("Looph", "we", "us").
1. What the extension does
The extension lets a signed-in member of a Loop workspace turn the current webpage into a feedback post in that workspace. It is not a tracker, ad blocker, analytics tool, or background scraper.
2. What we capture, and only on your explicit action
The extension only reads page content when you trigger a capture (toolbar icon, keyboard shortcut, right-click menu, or command palette). It does not read pages in the background. Specifically, when you trigger a capture we collect:
- The URL and title of the current tab.
- A screenshot (visible tab, full page, region, or element) that you choose to attach.
- Any annotations you draw on the screenshot.
- Optional console & network diagnostics — only when you have explicitly enabled the diagnostics recorder. Sensitive headers (
Authorization,Cookie,Set-Cookie,X-Api-Key), JWT-shaped values in URLs, and known sensitive query parameters are stripped before upload. - Your browser viewport size and User-Agent (to help reproduce bugs).
- The note, title, board, and tags you type into the popup.
We do not read cookies, saved passwords, autofill data, form fields you have not selected, or page DOM outside the region you capture.
3. Where it goes
Captures are uploaded over HTTPS directly to your Loop workspace's storage bucket via a signed upload URL. They are attached to the feedback post you submit and are visible only to members of that workspace (subject to the board's visibility rules).
AI drafting sends the page URL, title, your rough note, an optional screenshot URL, and an optional sanitized diagnostics summary to our AI provider (Lovable AI Gateway, currently routing to google/gemini-3-flash-preview). The provider returns structured JSON that the popup renders. We do not retain the intermediate request beyond logs needed to operate the service.
4. Local storage on your device
The following data is stored in chrome.storage.local:
- Your workspace auth token(s).
- Per-tab draft posts (so you don't lose work).
- The offline submission queue.
- The last 50 local extension errors (used for "Copy diagnostics").
- Per-domain workspace pins and onboarding state.
Local data lives only on your device. Uninstalling the extension or using Settings → Forget this workspace in the popup deletes it.
5. Retention
Submitted posts and their attachments follow your workspace's retention policy and the standard Loop terms. You can delete any post (and its attachments) from the workspace at any time. Deletion is propagated to backups within 30 days.
6. Third parties
We do not sell user data. We do not transfer it for advertising. We do not use it for any purpose unrelated to delivering the feedback post you submit. The only third party in the request path is the AI provider described in section 3, and only when you ask the extension to draft text.
7. Permissions, plainly
Each Chrome permission the extension declares is justified in the permissions document shipped inside the extension package (store/PERMISSIONS.md). Host access is requested on demand via Chrome's activeTab grant — the extension does not have background access to your browsing.
8. Your rights and how to reach us
You can request export or deletion of any data tied to your Loop account by emailing privacy@looph.ing. We respond within 30 days.
9. Changes
Material changes to this policy will be announced in the extension's changelog and at the top of this page. The "Last updated" date above always reflects the current version.