🔒 100% local — no servers, no tracking, no analytics

Privacy Policy — Nova

Last updated: July 2026

Nova (a new-tab homepage extension) was built with a commitment to privacy. This document explains exactly what data is stored and what network requests are made.

Guiding principle

All of your personal data is stored locally on your own device only, via chrome.storage. We do not run any servers, we do not collect data, and we have no access to any of your information. There is no analytics, no tracking, and no advertising.

Data stored locally

Your settings, tasks, notes, links, habits, and preferences are stored in chrome.storage.local on your device. If you enable sync, your settings (not the heavier data) are synced through Google's chrome.storage.sync — only between your own browsers, under your own Google account.

Network requests

The extension only contacts external services when needed, for features you've turned on:

ServiceWhen it's usedWhat's sentTheir policy
Open-Meteo Weather widget Coordinates or city name open-meteo.com
CoinGecko Only if the crypto ticker is enabled Coin IDs (no personal data) coingecko.com
DuckDuckGo Only if search suggestions are enabled Search text as you type duckduckgo.com

All requests are encrypted (HTTPS). Every one of these features can be turned off from Settings.

Permissions and how they're used

Optional permissions (requested only when you turn the feature on, not at install time):

Data read from topSites/bookmarks/sessions is never transmitted anywhere — it is used only to display it on the page.

Security

The extension uses a strict Content Security Policy (script-src 'self'), runs no dynamic code (no eval), and is protected against XSS and prototype pollution.

Contact

For privacy questions, please open an issue in this repository.