RateBucket Privacy Policy
Effective Date: 2026-05-27
Key principle: All data is processed locally. There is no backend server, no analytics, and no telemetry.
Overview
RateBucket is a browser extension that displays a floating usage widget on AI platform websites (ChatGPT, Claude, Grok, Gemini, Kimi, Perplexity). This privacy policy explains what data the extension collects, how it is used, and where it is stored.
Data We Collect
1. Usage Quota Data (Functional Data)
| Aspect | Detail |
|---|
| What | Numerical usage counters: remaining, total, used, resetAt, windowSeconds |
| Source | Platform-owned web endpoints on the AI platform websites you visit |
| How | The extension either actively fetches these endpoints with the current website session or intercepts the responses already made by the website |
| Storage | chrome.storage.local (browser local storage) |
| Retention | Until overwritten by newer data or cleared by the user |
| Shared | Never. This data never leaves your browser. |
2. IP Risk Detection Data (Optional, Disabled by Default)
| Aspect | Detail |
|---|
| What | Your public IP address and a risk score/signals from proxycheck.io |
| Source | api64.ipify.org (to obtain your public IP) → proxycheck.io (to check IP risk) |
| When | Only when you manually enable IP Risk Detection and provide your own proxycheck.io API key |
| Storage | chrome.storage.local |
| Shared | Sent to proxycheck.io only with your explicit API key. RateBucket does not have access to this data. |
| Retention | Cached for up to 24 hours to avoid repeated queries |
3. User Preferences
| Aspect | Detail |
|---|
| What | Language preference ("en" or "zh-CN") and IP risk settings (enabled/disabled, API key presence) |
| Storage | chrome.storage.local |
| Shared | Never |
4. Local Estimation Counters
| Aspect | Detail |
|---|
| What | Locally computed usage estimates when authoritative data is temporarily unavailable |
| Storage | chrome.storage.local |
| Shared | Never |
Data We Do NOT Collect
- Cookies, session tokens, or Authorization headers
- Chat content, prompts, or conversations
- Browsing history outside the supported platforms
- Personal identifiers (name, email, phone, address)
- Analytics or telemetry of any kind
Third-Party Services
Same-site requests to supported AI platforms may use your existing browser login session for that website. RateBucket does not read, store, export, or display cookie values, session tokens, or Authorization headers.
| Service | Purpose | Data Sent | User Control |
|---|
proxycheck.io | Optional IP risk analysis | Public IP address | Disabled by default. Only enabled if user provides their own API key. |
api64.ipify.org | Obtain public IP address for proxycheck query | None (GET request) | Only called when IP risk detection is enabled. |
Chrome Web Store Dashboard Privacy Declarations
| Data Category | Collected | Reason |
|---|
| Personally identifiable information | No | — |
| Financial and payment information | No | — |
| Authentication information | No | — |
| Personal communications | No | — |
| Location | No | — |
| Web history | No | — |
| User activity | No | — |
| Website content | No | — |
| Non-personal usage data (quota numbers) | Yes | Core functionality — display usage widget |
| IP address (optional feature) | Yes | Only for optional IP risk detection, disabled by default |
Remote code: No
Sell data to third parties: No
Use data for personalized advertising: No
Contact
For privacy questions or data deletion requests, please open an issue on the project's GitHub repository.