Privacy

Last updated: July 5, 2026

The ColorFlipper extension is fully offline by default. It does not make any network requests, run any analytics, or talk to any servers unless you explicitly sign in to the optional MCP bridge that lets AI tools drive the extension. Both modes are described below.

Default mode (no sign-in)

  • Reads colors from the page you're viewing, only on that tab, only when you activate it.
  • Changes colors on that page while the panel is open. The changes are visual only, in your browser. The site's actual code is never touched, and everything resets when you close the panel.
  • Saves your color schemes in your browser, attached to the specific page. Nothing is uploaded anywhere.
  • No analytics, no telemetry, no third-party scripts.

Optional MCP bridge (opt-in via Google sign-in)

If you open the panel, click the MCP button in the scheme bar, and then Sign in with Google, the extension connects to mcp.colorflipper.com so the AI tools you authorize can read live colors from your tabs and push new schemes back. This is entirely optional. Without sign-in, the extension never talks to any server.

What we receive

  • Your Google account email and a stable account identifier (sub), from Google's standard OpenID sign-in.
  • The URL and page title of any tab where you have opened the ColorFlipper panel. AI tools you connect can see these so they know which page you're working on.
  • The colors read from those pages and the schemes pushed to them, while you're using the AI integration.
  • Per-request analytics: which tool was called (get_status, get_colors, push_schemes), the calling AI client name, latency, success or failure. No prompts, no user-typed text.

Where it's stored

  • A single SQLite database on a Fly.io machine in the EU (Frankfurt), backed up continuously to Cloudflare R2.
  • A hashed (not plaintext) bearer token so we can authenticate your requests. You can rotate it any time from the MCP modal in the panel.
  • No third-party analytics. No data sold or shared.

Removing your data

Email hello@colorflipper.com from the address you signed in with, and we'll delete your account, token, sessions, and event log within seven days. Signing out of the extension (or uninstalling it) stops new data from being sent but does not by itself delete what we already have.

Permissions the extension asks for

  • activeTab + scripting: needed so the extension can show the panel on the current tab when you click the toolbar icon.
  • storage: used to remember whether the panel is open, and (only if you sign in) to store your account info and bearer token locally in the browser.
  • identity: used only when you click Sign in with Google, to run the OAuth flow.

Contact

Questions: hello@colorflipper.com.