Privacy Policy

Last updated: February 14, 2026

Overview

CodeDrop is a local-first browser extension for developers. It packages codebases into structured payloads for AI chat sessions and validates AI modifications, creating merge-ready changesets. All code processing happens entirely within your browser. CodeDrop has no backend server and does not collect, transmit, or store your source code remotely.

Data Stored Locally

CodeDrop uses your browser's local storage (chrome.storage.local) to persist the following data on your device. This data never leaves your browser.

  • User preferences — AI model selection, display settings, keyboard shortcuts
  • Project metadata — name, file count, and timestamp of the last loaded project (file contents are not persisted)
  • Transfer history — job identifiers, line counts, and timestamps used for integrity comparison between sent and received code
  • Session identifiers — primer acknowledgment tokens that link a CodeDrop session to an AI chat
  • Optional configuration — if you enable the FAQ Sync feature, your Discord bot token and channel ID are stored locally to authenticate with the Discord API

Data That Leaves Your Browser

CodeDrop communicates with external services only in the following cases, all initiated by explicit user action:

Destination What is sent When
AI provider pages
(gemini.google.com, claude.ai)		 Your packaged code payload When you click the inject button or paste from clipboard. This is the core purpose of the extension.
extensionpay.com Payment session data When you choose to upgrade to CodeDrop Pro. Handled by the ExtensionPay library. No project data is sent.
discord.com Bug reports, feedback responses, FAQ entries When you click "Submit Feedback" in bug report window or answer feedback questions. All submissions are user-initiated button clicks. Never sends your project code or filenames.
gist.githubusercontent.com Nothing (read-only) Fetches a public JSON knowledge base file for the community FAQ feature.

Clipboard Access

CodeDrop reads from and writes to your system clipboard. This is the primary data transfer mechanism between the extension and your AI chat.

  • Clipboard write occurs when you queue a project or copy a payload shard. The structured code payload is placed on your clipboard for you to paste into an AI.
  • Clipboard read occurs when you click "Receive AI." The extension reads the clipboard to retrieve the AI's response containing code.

Clipboard access only occurs in response to explicit user action (button clicks). The extension does not read or monitor the clipboard in the background.

Content Scripts

CodeDrop injects content scripts into pages on gemini.google.com and claude.ai. These scripts enable two user-initiated features:

  • Response pulling — reads the latest AI response from the page when you click the pull button
  • Payload injection — writes a code payload into the AI's input field when you click the inject button. On claude.ai, the send button is automatically clicked after injection to submit your payload.

Content scripts do not run in the background, do not collect browsing data, and do not activate without user action.

Data the Extension Does Not Collect

  • No analytics, usage telemetry, or automatic data collection by the extension
  • No browsing history or page content outside of AI provider tabs
  • No personally identifiable information
  • No source code transmitted to CodeDrop-operated servers (there are none)
  • No cookies set by the extension
  • No data shared with third parties for advertising or tracking

Website Analytics

This website (codedrop.codes) uses Google Analytics to collect anonymous usage data such as page views, referral sources, and general visitor demographics. This data helps us understand how people find and use our website.

  • Google Analytics may set cookies in your browser when you visit this website
  • No personally identifiable information is collected through analytics
  • Analytics data is processed by Google under their privacy policy
  • This applies only to the website — the CodeDrop extension does not include any analytics or tracking code

Remote Code

CodeDrop does not load or execute any remotely hosted code. All JavaScript is bundled within the extension package. The only remote data fetched is a public JSON file (FAQ knowledge base) which is parsed as data, never executed.

Data Retention and Deletion

Because CodeDrop stores data only in your local browser storage, you have complete control over data retention:

  • Uninstalling the extension immediately and permanently deletes all CodeDrop data including preferences, history, and session identifiers
  • Clearing browser data (via browser settings) removes all extension storage
  • Using the extension's built-in controls allows you to clear history and reset settings at any time

There is no server-side data to request deletion of because CodeDrop has no server. Your data exists only on your device.

Children's Privacy

CodeDrop is a developer tool and is not directed at children under 13. We do not knowingly collect any information from children.

Changes to This Policy

If we update this privacy policy, we will revise the "Last updated" date at the top of this page. Continued use of the extension after changes constitutes acceptance of the revised policy.

Contact

For privacy-related questions, reach us through our Discord community or by email at privacy@codedrop.codes.

In plain terms: Your code stays on your machine. We have no server to send it to. The only time data leaves your browser is when you explicitly choose to paste it into an AI chat, upgrade to Pro, or use the optional FAQ sync. The extension collects nothing. This website uses Google Analytics for anonymous visitor stats — that's separate from the extension.