Privacy Policy for StreemConnect Extension

Effective Date: July 10, 2025

1. Introduction

The StreemConnect Extension (“the Extension”) is a companion tool designed for users of the StreemConnect platform. Its purpose is to facilitate client management, securely access linked bank accounts, view transaction history, generate financial reports (CSV and PDF), and manage bank linking sessions.

This privacy policy explains what data the Extension collects, how it is used, and the security measures in place to protect user information.

2. Data Collected by the Extension

The Extension collects and processes the following types of data directly related to providing its core functionalities:

A. Authentication Information:

Login Credentials: When you log in, we process your email address and password for authentication with the StreemConnect platform.
Two-Factor Authentication (2FA) Codes: If 2FA is enabled, we process the 2FA code provided during the login process.
Session Token (Auth Cookie): An authentication session cookie provided by the StreemConnect backend is stored securely in your browser’s local storage (chrome.storage.local) to maintain your login status and enable authenticated communication with the API.

B. Personally Identifiable Information (PII) of Clients:

Client Information: The Extension retrieves PII related to your clients from the StreemConnect API, including client names (first name, last name, or business name), email addresses, and mobile numbers.

C. Financial and Payment Information of Clients:

Bank Account Details: We access information about linked bank accounts, including institution names, account types, and current balances.
Transaction Data: We retrieve and process detailed transaction history, including dates, amounts, descriptions, and categories, for the purpose of generating financial reports and providing an overview of client finances.

D. User Activity:

We collect interaction data (such as button clicks and navigation within the extension popup) necessary to perform the requested actions (e.g., loading clients, viewing transactions, creating links).

3. How Data is Used

The data collected by the Extension is used strictly for the following purposes:

Authentication: To verify your identity and maintain a secure session with the StreemConnect platform.
Core Functionality: To display client lists, retrieve account details, and load transaction history for analysis.
Reporting: To generate and export financial reports (CSV and PDF) and analyze recurring payments.
Bank Linking: To create and manage secure links for client account connections and renewals.

4. Data Storage and Security

Local Storage: The Extension stores your authentication session token (authCookie) and login expiry information (loginExpiry) using chrome.storage.local. This data is stored locally within your browser and is only accessible by the Extension itself.
Secure Transmission: All communication between the Extension and the StreemConnect API is conducted exclusively over HTTPS to ensure data is encrypted during transit.
Financial Data Processing: Financial information and client PII are retrieved from the StreemConnect API only when you actively use the Extension. This data is primarily processed in memory for display and reporting purposes and is not permanently stored by the Extension beyond the active session.

5. Data Sharing and Third Parties

The StreemConnect Extension does not share, sell, or disclose any user or client data collected through the Extension with any third parties, except as strictly necessary to interact with the StreemConnect backend API (as described in the Host Permissions section of the extension submission).

We do not use any third-party analytics services or advertising trackers within the Extension.

6. Data Retention

Authentication tokens stored locally are retained only for the duration of the authenticated session (up to 14 days, unless the user manually logs out). Client and financial data accessed via the API is displayed temporarily during the session and is not persistently stored by the Extension.

7. User Rights and Controls

If you wish to remove your locally stored authentication token, you can click the “Logout” button within the Extension or remove the Extension from your browser.

8. Changes to this Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices or services. We will notify users of any significant changes by updating the policy on this page and through the Chrome Web Store listing.

9. Contact Information

If you have any questions about this privacy policy or the data practices of the StreemConnect Extension, please contact us at:

support@streemconnect.com

Cookie	Duration	Description
__cfruid	session	This cookie is set by the provider Cloudflare. This cookie is used for load balancing and for identifying trusted web traffic.
AWSALBCORS	7 days	This cookie is used for load balancing services provded by Amazon inorder to optimize the user experience. Amazon has updated the ALB and CLB so that customers can continue to use the CORS request with stickness.
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_ga_450BXGTT6V	2 years	This cookie is installed by Google Analytics.