Privacy Policy
Effective date: February 14, 2026
Gmail Sender Info ("the Extension") is a Chrome browser extension that displays sender domain information, brand logos, and email authentication results in Gmail. This policy describes what data the Extension accesses, how it is used, and your rights.
1. Data the Extension Accesses
The Extension processes the following data locally in your browser:
- Sender email addresses — extracted from the Gmail page to look up domain and logo information.
- Email headers — fetched from Gmail's own servers using your existing session to check SPF, DKIM, and DMARC authentication results.
- Sender domain names — derived from email addresses to perform BIMI DNS lookups and favicon resolution.
The Extension does not access email body content, attachments, contacts, or any other personal information.
2. External Services
The Extension communicates only with Google-operated services:
| Service | Data Sent | Purpose |
|---|---|---|
Google DNS-over-HTTPS (dns.google) |
Sender domain name | Look up BIMI TXT records to find verified brand logos |
| Google Favicon Service | Sender domain name | Retrieve website favicons for sender domains |
| gstatic Favicon V2 | Sender domain name | Detect whether a real favicon exists (vs. generic globe icon) |
Gmail (mail.google.com) |
Message ID | Fetch raw email headers for authentication checks using your existing session |
No data is sent to any third-party analytics, advertising, or tracking service. The Extension does not communicate with any non-Google server.
3. Data Storage
Lookup results (domain names, logo URLs, and favicon URLs) are cached locally in your browser using Chrome's storage.local API. Cache entries expire after 24 hours and are automatically cleared when the Extension is installed or updated. No data is stored outside your browser.
4. Data Collection
The Extension does not collect, transmit, or store any personal data on external servers. Specifically:
- No analytics or telemetry
- No user accounts or identifiers
- No tracking pixels, beacons, or cookies
- No behavioral data (clicks, page views, interaction patterns)
- No email content or attachments
5. Permissions
| Permission | Why It's Needed |
|---|---|
storage |
Cache BIMI and favicon lookup results locally (24-hour TTL) |
https://dns.google/* |
BIMI DNS-over-HTTPS lookups for verified brand logos |
https://*.gstatic.com/* |
Detect generic globe icons to determine if a real favicon exists |
The Extension does not request access to browsing history, cookies, bookmarks, or any broad host permissions.
6. Data Sharing
The Extension does not sell, trade, or transfer any user data to third parties. No data leaves your browser except the domain-name queries to Google services described in Section 2.
7. Security
- All DOM elements are created programmatically — no untrusted HTML injection.
- Input validation rejects malformed email addresses before processing.
- Header fetches use your existing Gmail session (same-origin); no additional credentials are stored or transmitted.
8. Children's Privacy
The Extension is not directed at children under 13 and does not knowingly collect any personal information from children.
9. Changes to This Policy
If this policy is updated, the revised version will be posted at this URL with an updated effective date. Material changes will be noted in the Extension's update notes on the Chrome Web Store.
10. Contact
If you have questions about this privacy policy, please open an issue on the GitHub repository.