Privacy Policy

Last updated: May 2026

This site (danscodellaro.com) is a personal project operated by Dan Scodellaro. It is not a commercial service. This policy explains what data is collected and how it is used, including by the danscodellaro.com Extension Chrome extension.

Data collected — website

• Account information — name and email address, obtained via Google Sign-In when you create an account.
• Session data — a session token stored in a browser cookie to keep you signed in.
• Google Photos access — if you connect Google Photos, this site requests read-only access to your Google Photos library in order to display photos in your browser. Photo data is fetched directly from Google and is not stored on this server.
• GPS / location data — if you upload or stream GPS tracks, those tracks are stored privately on this server and are only visible to you.
• Usage logs — standard server access logs (IP address, page visited, timestamp) for security and debugging purposes.

Data collected — Chrome extension

The danscodellaro.com Extension is a private tool that runs in the owner's Chrome browser and sends data exclusively to this server. It is not a public service. The following data is collected:

• AI usage statistics — token and message counts are read from the Claude.ai and ChatGPT Codex usage APIs using the browser's existing authenticated session. This data is sent to and stored on this server for personal dashboard use.
• Job application data — a content script on linkedin.com/jobs-tracker/ reads job application metadata (job title, company name, URL, application status) from the page DOM and syncs it to this server's private job tracker. No LinkedIn credentials are transmitted.
• Device identifier — a UUID is generated once on first run and stored locally in the extension to provide a stable device identifier across Claude.ai polling cycles. This identifier is sent to this server alongside usage data and is not shared elsewhere.
• Sync state — the timestamp and result of the last LinkedIn sync is stored locally in the extension to display status in the popup. This data never leaves the browser.

How extension data is used

• AI usage statistics are displayed on the owner's personal vibecode dashboard.
• Job application data is displayed in the owner's personal Jobhunt ATS.
• No extension data is sold, shared with third parties, or used for any purpose other than populating the owner's private dashboards on this server.

How website data is used

• To authenticate you and provide access to site features.
• To display your Google Photos and GPS data back to you.
• To maintain security and diagnose server issues.

Your data is never sold, rented, or shared with third parties for advertising or commercial purposes.

Google API services

This site uses Google Sign-In and the Google Photos Library API. Use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Google Photos data accessed via the API is used solely to display your photos within this application. It is not stored on this server, not shared with any third party, and not used for any purpose other than displaying it to you.

Data storage and security

Account data and GPS tracks are stored on a private server. Access is restricted to authenticated users only. Session cookies are HttpOnly and Secure.

Third-party services

• Google — authentication and Google Photos API (Google Privacy Policy)
• Google Analytics — anonymous usage statistics (page views, session counts)

Your rights

You can request deletion of your account and associated data at any time by contacting dan@danscodellaro.com. You can revoke Google Photos access at any time via your Google Account permissions.

Contact

Questions about this policy: dan@danscodellaro.com