HomePilot Privacy Policy
Last updated: April 26, 2026
This Privacy Policy applies solely to the HomePilot Chrome extension, published by Extensions Market. It fully discloses what data HomePilot collects, how that data is used, with whom it is shared, and how it is stored and retained. By installing or using HomePilot, you agree to this policy.
1. What data HomePilot collects
Account data
- Email address โ collected when you create a HomePilot account. Used for authentication, email verification, and account management. Stored in Google Firebase Authentication.
- User ID (UID) โ a unique identifier assigned by Firebase upon account creation. Used internally to link your usage data to your account.
- Password โ never stored by Extensions Market. Authentication is handled entirely by Google Firebase Authentication.
Usage and subscription data
- Usage counter โ the number of property analyses you have run in the current billing period. Used solely to enforce free plan limits. Resets monthly. Stored in Google Firestore.
- Subscription plan โ whether your account is on the free or paid plan, and your usage reset date. Stored in Google Firestore.
Property listing data processed on request
- Property listing data โ when you run an analysis, publicly visible listing details (address, price, property tax, HOA fees, square footage) from the Zillow or Redfin page you are viewing are transmitted from your browser to our server over HTTPS to compute the closing cost estimate, monthly cost breakdown, and deal score. This data is not stored on our servers after the response is returned.
- Saved properties โ any properties you save within HomePilot are stored locally in
chrome.storage.local on your device only. Saved properties are never uploaded to our servers.
Local browser storage
- Firebase authentication tokens โ stored in
chrome.storage.local on your device to maintain your session. Cleared when you sign out.
- Saved properties โ stored locally on your device as described above.
2. Data we do NOT collect
- We do not store property listing data on our servers after the analysis response is returned.
- We do not upload saved properties to our servers โ they remain on your device only.
- We do not collect your browsing history on any website.
- We do not use tracking pixels, advertising networks, or third-party analytics SDKs inside the HomePilot extension.
- We do not sell, rent, or share your personal data for advertising purposes.
3. How your data is used
- To authenticate your account and maintain your session
- To enforce monthly usage limits based on your subscription plan
- To compute closing cost estimates, monthly cost breakdowns, deal scores, and comparable sales analysis for the listing you are viewing
- To process subscription payments and manage billing via Stripe
- To send transactional emails (email verification, password reset) via Firebase
4. Third parties your data is shared with
| Third Party | Data Shared | Purpose | Their Privacy Policy |
|---|
| Google Firebase |
Email address, UID, usage counter, subscription plan |
Authentication (Firebase Auth) and database (Firestore) |
firebase.google.com/support/privacy |
| Stripe |
Email address, Firebase UID |
Payment processing and subscription management. Card details go directly to Stripe and never touch our servers. |
stripe.com/privacy |
| Railway |
Property listing data (in transit only) |
Cloud infrastructure hosting our API servers. Data passes through in memory only and is not stored. |
railway.app/legal/privacy |
5. Data storage and retention
- Email address, UID, usage counter, subscription plan โ stored in Google Firebase/Firestore for as long as your account is active. Deleted within 7 days of an account deletion request.
- Property listing data โ processed in memory on our servers and discarded after the response is returned. Never written to disk or logs.
- Saved properties โ stored locally on your device in
chrome.storage.local. Never uploaded to our servers.
- Authentication tokens โ stored locally on your device. Cleared on sign-out.
6. Extension permissions
- Access to Zillow and Redfin listing pages โ to read publicly visible property details for analysis. HomePilot only activates on real estate listing pages.
- chrome.storage โ to store your Firebase authentication tokens and saved properties locally on your device.
7. Data security
All communication between HomePilot and our servers uses HTTPS/TLS encryption. Firebase Authentication tokens are short-lived and automatically refreshed. Property listing data is never written to server logs.
8. Your rights
- Access โ request a copy of the personal data we hold (email, UID, usage data).
- Correction โ ask us to correct inaccurate account data.
- Deletion โ request deletion of your account and all associated data within 7 days.
- Portability โ request your account data in a machine-readable format.
To exercise any of these rights: [email protected]
9. Children's privacy
HomePilot is not directed to children under 13. We do not knowingly collect personal information from children under 13.
10. Changes to this policy
We may update this policy as HomePilot evolves. The "Last updated" date at the top reflects the most recent revision. Continued use constitutes acceptance of the updated policy.
11. Contact
[email protected]