RedditBulk Privacy Policy

Introduction

We value your privacy and are committed to protecting any data that might be handled by our RedditBulk extension. This policy explains our practices regarding data collection, usage, and protection in a clear and transparent manner.

Information We Process (Not Collect Locally)

When using the extension, we process:

Reddit post data from posts you visit that contain images or galleries. Your extension sign-in state and plan status. Post IDs that have been processed (to avoid re-scanning the same post).

Important Note: Extension preferences (sign-in state, session token) are stored locally in your browser using Chrome’s storage API. We do not have access to these settings. No image content is ever sent to our servers — images are downloaded directly from Reddit’s servers to your device.

Information We Collect on Our Servers

To provide the gallery download service, we collect and store:

Account Information: Email address, name, and profile picture from Google OAuth (used for authentication only). Subscription Data: Your selected plan (Free or Premium), payment status, and subscription details tracked through Stripe. Session Data: Secure session tokens to maintain your login state (automatically expire after 30 days).

What We Don’t Collect:

We do not track which posts or galleries you download. We do not store, proxy, or have access to any images you download. We do not collect browsing history or viewing habits. We do not access your Reddit account or any Reddit data beyond what is publicly available.

How We Use the Information

The collected information is used solely for:

Authentication: Verifying your identity through Google OAuth. Plan Management: Enforcing free plan limits and verifying Premium plan status. Billing Management: Managing your subscription and processing payments through Stripe. Customer Support: Troubleshooting issues and responding to user inquiries.

We never use your data for advertising, marketing to third parties, or any purpose unrelated to providing the gallery download service.

Permissions We Request and Their Usage

The extension requests the following permissions to function correctly:

storage: To save your session token and plan status locally on your device. tabs: To open the Google sign-in flow and the welcome page in a new tab. host_permissions:

• https://.reddit.com/: To detect image galleries on Reddit pages and inject the download bar.
• https://.redd.it/: To fetch images directly from Reddit’s image servers for packaging into the ZIP file.
• https://codingdir.com/*: To communicate with our authentication and subscription verification servers.

Data Protection

We implement several measures to protect your privacy and security:

Secure Authentication: Google OAuth 2.0 with industry-standard token-based sessions. Encrypted Communication: All data transmitted between the extension and our servers uses HTTPS encryption. Payment Security: All payment processing handled by Stripe (PCI DSS compliant) — we never see or store your credit card information. Server-Side Validation: All plan verification enforced on our servers to prevent client-side manipulation. Session Expiration: Login sessions automatically expire after 30 days of inactivity. No Image Storage: Images are never routed through or stored on our servers under any circumstances. No Third-Party Tracking: We do not use analytics tools, tracking pixels, or advertising networks.

Information Sharing

We do not:

Sell or rent your personal information to anyone. Share your data with third parties for marketing purposes. Use your data for advertising or profiling. Share any information about which galleries or images you download with anyone.

Third-Party Services We Use:

Google OAuth: For secure authentication. Google’s use of your login data is governed by their privacy policy. We only receive your email, name, and profile picture. Stripe: For payment processing and subscription management. Stripe collects payment information, billing address, and email. We do not have access to your full credit card details. Their use of your data is governed by Stripe’s privacy policy.

Server Usage

Our extension uses a secure backend server (codingdir.com) for:

User authentication and session management. Subscription plan verification. Payment webhook processing from Stripe.

All server operations use encrypted HTTPS connections. User data is stored in a secure MySQL database with access restricted to authorized administrators only.

Your Rights and Choices

You have the right to:

Access Your Data: Request a copy of all data we store about you by contacting us. Delete Your Account: Request complete deletion of your account and associated data. Manage Subscriptions: Cancel or modify your subscription at any time through the Stripe customer portal. Opt-Out: Uninstall the extension at any time to stop all data processing. Update Information: Your profile information updates automatically from your Google account.

Data Retention

Account Data: Retained as long as your account is active. Deleted within 30 days of account deletion request. Payment Records: Retained as required by law (typically 7 years for tax purposes) but managed by Stripe. Session Tokens: Automatically expire after 30 days of inactivity.

Children’s Privacy

Our service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately, and we will delete such information.

International Data Transfers

Our servers are located in the United States. If you are accessing our service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our service, you consent to this transfer.

Changes to the Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or service features. Any material changes will be:

Posted on this page with an updated “Last Updated” date. Announced through the extension update notes. Notified to active users via email for significant changes.

Your continued use of the extension after changes are posted constitutes acceptance of the updated policy.

Security Incidents

In the unlikely event of a data breach affecting your personal information, we will:

Notify affected users within 72 hours via email. Describe the nature of the breach and data affected. Explain steps we are taking to address the breach. Provide recommendations to protect yourself.

Contact Information

For any questions, concerns, or requests regarding this privacy policy or your data:

Email: admin [at] codingdir [dot] com

Data Requests: To request access, correction, or deletion of your data, please email us with “Data Request” in the subject line and include your registered email address.

Response Time: We aim to respond to all privacy inquiries within 5 business days.

Legal Basis for Processing (GDPR)

For users in the European Economic Area, we process your data based on:

Contractual Necessity: To provide the gallery download service you have subscribed to. Legitimate Interest: To improve our service, prevent fraud, and maintain security. Consent: For optional features or communications (which you can withdraw at any time).

Consent

By installing and using the RedditBulk extension, you consent to:

The processing of information as described in this privacy policy. The storage of your account data on our secure servers. The use of browser storage for maintaining your session.

You can withdraw consent at any time by:

Uninstalling the extension. Requesting account deletion. Canceling your subscription.

Remember that you can uninstall the extension at any time if you no longer agree with these terms.