Privacy Policy

Summary

Widget Burger is a widget marketplace and browser new tab extension. We use information to let you sign in, install configured widget instances, sync your new tab setup, and keep the service secure.

We do not sell personal information, serve interest-based ads, or collect your general browsing history for advertising or profiling.

Information We Collect

Account and authentication data

When you create an account or sign in, we collect account information such as your name, username, email address, profile image if provided, and provider account id for Google sign-in when enabled. For email and password accounts, we store a protected password record, not your plaintext password. We also create session records and authentication cookies so you can stay signed in. Session records may include request details such as IP address, browser or device information, timestamps, session identifiers, and expiry times.

Widget and sync data

If you add widgets or use extension sync, we store the widget instances tied to your account. This includes widget ids, instance ids, space ids, and the widget configuration values you choose when you first add a widget from the marketplace, such as labels, timezones, postal codes, country choices, currency pairs, amounts, or display text. We also store synced space names, layouts, hidden or frameless display settings, theme and font preferences, color choices, sync timestamps, and the active space id.

Widget content and edits made inside the extension after a widget is added are local to your browser. For example, sticky notes, tracker progress, quick links selected from browser suggestions, counters, and other in-widget edits are not stored in your Widget Burger web account.

Extension local data

The extension stores new tab data in local browser storage, including cached widgets, local widget configuration overrides, local layouts, preferences, widget state, and local wallpapers. Local wallpaper image files, widget content, and edits made inside widgets are kept in your browser and are not included in the server sync snapshot.

Google Calendar data

If you connect the Today Schedule widget to Google Calendar, the extension requests read-only Google Calendar access from your browser. It uses that access to list calendars you can choose from and to load today's events from the calendar you select. The data may include calendar ids and names, event titles, start and end times, locations, Google Calendar links, Google Meet links, attendee names or email addresses, attendee response status, and whether an attendee is optional or an organizer.

Google Calendar API requests are made by the extension from your browser to Google. Widget Burger does not intentionally send Google Calendar event contents to Widget Burger servers, and we do not store Google Calendar OAuth access tokens in your Widget Burger account. The extension may cache the selected calendar id, selected calendar name, account hint, today's normalized event list, fetch time, and timezone in local extension storage so the widget can render your agenda and refresh efficiently.

Wallpaper provider data

If you choose a web wallpaper source, Widget Burger requests wallpaper metadata from the selected provider and may store cached wallpaper metadata in your browser, such as the provider, image URL, source page URL, photographer or attribution text, and related links. For Unsplash and Pexels wallpapers, the extension displays images from provider image URLs rather than copying the images into Widget Burger storage.

Service operation data

Our website and extension services receive ordinary request data needed to operate the service, such as IP address, browser or device information, timestamps, pages or service endpoints requested, and error or security logs.

How We Use Information

• To authenticate your account and keep your session active.
• To save, sync, and return your installed widget instances, install-time widget configuration, and extension configuration.
• To provide browser extension features such as cached widgets, local layout state, and reload/sync behavior.
• To show your selected Google Calendar's read-only schedule inside the Today Schedule widget when you connect Google Calendar.
• To secure the service, troubleshoot errors, prevent abuse, and protect users.
• To respond to support, privacy, legal, or account requests.
• To comply with law and enforce our Terms of Service.

Browser Extension Permissions

The extension requires storage permission to keep your new tab setup in the browser. It requires cookies permission so it can detect your Widget Burger session and sync with widgetburger.com. If you enable an Elewave widget and grant the Elewave host permission, that widget may read an Elewave session cookie from Elewave production hosts so it can request the next activity or activity panel you chose to display.

The extension has host access for widgetburger.com. Web backgrounds are fetched through Widget Burger's wallpaper service, which requests images from the selected wallpaper provider. Widgets that fetch provider data use optional host permissions for specific providers, and the extension requests those permissions only when synced widgets need them. Quick Links can optionally request access to browser top sites after you press its browser suggestions button; selected links are then saved locally in your browser, not in your Widget Burger web account. Quick-Links-List can optionally request browser top sites after you press Top Sites, and can cache site icons locally after you add a link. Each widget page explains any permissions the widget may need, such as access to a website or API, a connected-service cookie, or optional browser data.

The Today Schedule widget requests browser identity access and optional Google API host access only after you choose to connect Google Calendar. It requests the read-only Google Calendar scope so it can display the selected calendar's agenda, meeting links, and attendee details in your new tab.

Chrome Web Store and Google API Limited Use

Widget Burger's use of information received from Chrome extension APIs follows the Chrome Web Store User Data Policy, including the Limited Use requirements. We use extension permissions only to provide or improve user-facing new tab features. We do not sell this data, use it for personalized advertising, or use it to determine creditworthiness or lending eligibility.

Widget Burger's use and transfer of information received from Google APIs also follows the Google API Services User Data Policy, including the Limited Use requirements. We use Google Calendar data only to provide or improve the user-facing calendar widget features you choose to enable. We do not sell Google Calendar data, use it for advertising or profiling, use it to determine creditworthiness or lending eligibility, or use it to train generalized AI models.

Third-Party Services and Data Providers

We use trusted hosting, data storage, authentication, and security providers to operate Widget Burger, manage accounts and sessions, store synced settings, and protect the service. These providers process information only as needed to provide their services to us and are subject to their own terms and privacy commitments.

Some widgets fetch data directly from third-party sources selected for that widget, such as Open-Meteo, Frankfurter, USGS, Hacker News, Nager.Date, Wikimedia, OpenStreetMap Nominatim, Sunrise-Sunset, Google Calendar, Pexels, Unsplash, NASA APOD, or Elewave. When a widget calls a provider, that provider may receive request details and configured values needed for the widget, such as a postal code, country, currency pair, timezone, origin, or search parameters. Their own terms and privacy policies apply.

When you connect Google Calendar, Google receives the Calendar API requests needed to list calendars and fetch events for the selected calendar. Widget Burger does not share Google Calendar event contents with wallpaper providers, widget data providers, advertising services, or data brokers.

Web wallpaper providers may receive request details when you load or select a web wallpaper. When Unsplash is selected, Unsplash may receive image interaction data through hotlinked image URLs and through the required notice Widget Burger sends when an Unsplash image is set as a background. Unsplash says this interaction data may include a random identifier, client IP address, and photo interaction details, and that it uses this data to operate, improve, research, and enforce compliance for its services. Unsplash acts under its own terms and privacy policy for that data.

When Pexels is selected, Pexels may receive ordinary request details when your browser loads a Pexels image URL or when you open a Pexels attribution, photographer, or source link. Pexels' own terms and privacy policy apply to its services and content.

How We Share Information

We share information only as needed to provide and protect the service: with infrastructure and authentication providers, with widget data providers when you use widgets that call them, with legal or safety recipients when required, and with successors if Widget Burger is involved in a merger, acquisition, financing, reorganization, or sale of assets.

We do not sell personal information and we do not use synced widget data for third-party advertising.

We do not sell or share Google Calendar event data for advertising, profiling, data brokerage, or unrelated third-party services.

Cookies and Local Storage

Widget Burger uses authentication cookies to recognize signed-in users. The extension uses local browser storage for new tab data. You can clear local extension data through your browser, but doing so may remove local widget edits, cached widgets, preferences, widget state, layouts, and local wallpapers from that browser.

Retention

We keep account, widget, and extension sync data while your account remains active or while needed to provide the service, comply with law, resolve disputes, prevent abuse, or enforce our terms. Session data is kept for the life of the session and a reasonable security period afterward. Local extension data remains in your browser until you delete it or uninstall the extension.

Your Choices and Rights

• You can browse the public widget marketplace without signing in.
• You can sign out, uninstall the extension, clear extension storage, or revoke optional host permissions in your browser.
• You can revoke Google OAuth access from your Google account settings when you use Google sign-in or connect Google Calendar.
• You can ask to access, correct, export, or delete account data we hold about you.
• You may have additional privacy rights depending on where you live, including rights to object, restrict processing, or lodge a complaint with a data protection authority.

To make a privacy request, contact privacy@widgetburger.com.

Security

We use safeguards such as HTTPS, secure authentication, scoped browser permissions, and operational security controls to protect the service. No online service is completely secure, so you should keep your account credentials secure and sign out on shared devices.

Children

Widget Burger is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child provided personal information to us, contact us so we can review and delete it when appropriate.

International Processing

Widget Burger and its providers may process information in countries other than where you live. When privacy laws require safeguards for transfers, we rely on appropriate legal mechanisms provided by our vendors or applicable law.

Changes and Contact

We may update this policy as the product, providers, or legal requirements change. If we make material changes, we will take reasonable steps to make the new policy available before the changes apply.

Questions or requests can be sent to privacy@widgetburger.com.