PRIVACY

Privacy policy

Last updated May 26, 2026

The Movitera browser extension ("the Extension") helps you autofill, save, and look up credentials that you have already stored in your Movitera vault.

Data the Extension handles

  • Credentials you choose to useusernames, passwords, TOTP seeds, and any custom fields stored on credentials in your Movitera vault. These are fetched on demand from the Movitera API using your personal access token (PAT) and held in chrome.storage.session (cleared when the browser restarts) and in memory while the popup is open.
  • The origin of the page you're onused locally to decide which credential to suggest. The Extension does not send your browsing history to Movitera. Only the origin you actively autofill or save into is recorded server-side, as part of the credential's audit log.
  • Your Movitera PATstored locally in chrome.storage.session and used to authenticate API calls. The Extension does not transmit your PAT to anyone other than the Movitera API used by the installed build.

Data the Extension does not handle

  • We do not collect analytics, telemetry, or crash reports from the Extension itself.
  • We do not read or transmit form data that you have not explicitly chosen to save.
  • We do not contact any third-party service. The only network endpoint the Extension talks to is the Movitera API.

Permissions

  • storagestores the unlocked session in chrome.storage.session and minimal local preferences, such as the last team used for saving.
  • activeTab / tabslets the Extension identify the current tab, compare the origin with Vault credentials, and send the fill command to the page you are using.
  • alarmsdrives the idle-lock timer that clears the session PAT after the period you configure.
  • identityruns the secure browser authorization flow with chrome.identity.launchWebAuthFlow.
  • <all_urls> host accessrequired to detect login forms on any site where you choose to use Vault.

Contact

Privacy questions: privacy@movitera.com