Your data belongs to you.
๐ Data we access
To show your time breakdown, Full Feel reads the following from your Google Calendar โ in read-only mode:
- Calendar event times (start and end)
- Calendar IDs (to know which calendar an event belongs to)
- Event color tags
- Your Google account email and user ID (used only to separate data when you use multiple accounts)
We never read event titles, descriptions, attendees, or locations.
๐พ Data we store
All data is stored locally in your browser using Chrome's built-in storage APIs. Nothing is sent to our servers โ because we don't have any.
- Event metadata (times, calendar IDs, colors) is cached locally to minimize API calls
- Your configuration (areas, calendar mappings, preferences) syncs across your Chrome devices via
chrome.storage.sync - Auth tokens are managed by Chrome's identity API and are not stored by us beyond the current session
All processing happens in your browser. No calendar data, no personal information, and no usage data ever leaves your device or reaches any external server.
๐ซ Data we do not collect
- Event titles, descriptions, attendees, or locations
- Browsing history or activity outside Google Calendar
- Any analytics, telemetry, or usage data
- Your Google password or OAuth credentials
๐ค Data sharing
We do not sell, transfer, or share any user data with third parties โ ever. There are no advertising partners, no data brokers, and no third-party analytics services involved in Full Feel.
๐ก Data protection
We take the following measures to protect any data accessed by Full Feel:
- Encryption in transit: All communication with Google's APIs is conducted over HTTPS/TLS, ensuring data cannot be intercepted during transfer
- Sandboxed local storage: Cached data is stored using Chrome's extension storage APIs, which are sandboxed โ inaccessible to other extensions, websites, or applications on your device
- Minimal data access: We follow the principle of least privilege, requesting only the specific data fields required to display your time breakdown (no event titles, descriptions, attendees, or locations)
- Secure token handling: OAuth access tokens are managed entirely by Chrome's built-in identity API with automatic expiry and are never stored persistently by the extension
- Read-only scope: Full Feel requests only the read-only Google Calendar API scope, making it impossible for the extension to modify, create, or delete any of your calendar data
- No external servers: Full Feel has no backend servers โ your data never leaves your browser, eliminating server-side data breach risks entirely
๐ Data deletion
Uninstalling the extension removes all locally stored data automatically. You can also revoke Full Feel's access to your Google account at any time via your Google Account security settings at myaccount.google.com/permissions.
๐ Permissions we use
Full Feel requests only the permissions it needs:
- identity: to authenticate you with Google and obtain a read-only calendar access token
- storage: to save your areas, mappings, and preferences locally
- tabs: to open calendar.google.com from the extension popup when you click "Open Google Calendar"
- calendar.google.com: to inject the Full Feel sidebar into Google Calendar pages
- googleapis.com: to call the Google Calendar API (read-only) and the OAuth endpoints
๐ฌ Contact
If you have any questions about this privacy policy or how Full Feel handles your data, reach out at hello@fullfeel.app.
This policy applies to the Full Feel Chrome Extension. It may be updated occasionally โ the date at the top of this page always reflects the most recent version.