Privacy Policy

Last Updated: October 30, 2025

1. Introduction

The Nimble Falcon Data Transfer extension ("the Extension") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our Chrome extension.

2. Information We Collect

The Extension collects the following information:

• User Authentication: Your Google email address for authentication and per-user usage tracking
• Usage Analytics: Timestamps of data extraction activities, success/failure status
• Location Data: IP address and geographic location (city, region, country) for analytics purposes

3. How We Use Your Information

We use the collected information solely for:

• Authenticating users and tracking per-user usage statistics
• Providing analytics on extension usage patterns
• Geographic analysis of extension usage
• Improving extension performance and reliability

4. Data Processing and Storage

Analytics Storage

• Storage Location: Usage analytics are stored securely in Google Firestore via our analytics backend on Google Cloud Run.
• Data Stored: Only user email, timestamps, success/failure status, and coarse IP-based location (no PHI).
• Encryption: Data is encrypted in transit and at rest.
• Access Control: Only authorized personnel can access analytics data.

5. Permissions Justification

The Extension requests the following permissions:

• activeTab: Required to read visible fields from Nimble Pharmacy pages locally in the browser
• scripting: Required to auto-fill forms on Falcon RapidShip pages with data extracted from source page
• tabs: Required to detect which page the user is on to enable/disable extension functionality
• identity: Required to authenticate users via Google OAuth and track per-user usage statistics. Only email address is collected - no PHI.

6. Host Permissions

The Extension accesses:

• admin.nimblerx.com: To extract patient data locally in your browser
• 01250.cxtsoftware.net: To auto-fill Falcon RapidShip forms
• accounts.google.com: For Google OAuth authentication
• www.googleapis.com: For Google API access (user email only)
• ipapi.co: To get geographic location for analytics (no PHI)
• Analytics Backend: To send usage statistics (no PHI)

7. Data Retention

• Usage analytics are retained for up to 2 years for business analysis
• You can request deletion of your analytics data at any time
• Uninstalling the extension does not automatically delete analytics data
• To permanently delete all analytics data, contact us

8. Your Rights

You have the right to:

• Access your usage analytics data
• Request deletion of your analytics data
• Opt-out by uninstalling the extension
• Request complete data deletion

9. Children's Privacy

The Extension is not intended for use by children under 13 years of age. We do not knowingly collect information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date at the top of this policy.

11. Compliance

This Extension complies with:

• Chrome Web Store Program Policies
• Google API Services User Data Policy
• GDPR (General Data Protection Regulation)
• CCPA (California Consumer Privacy Act)
• HIPAA (Health Insurance Portability and Accountability Act) - No PHI collected

© 2025 Nimble Falcon Data Transfer. All rights reserved.