Privacy Policy - Ezkar QuickLogin

1. Introduction

Ezkar QuickLogin is an internal productivity extension developed by Ezkar. This Privacy Policy outlines how the extension securely handles credentials when bridging the Ezkar Dashboard with external government portals.

            TL;DR: The extension acts strictly as a secure courier. Credentials are never written to
            disk, sent to physical servers by the extension, or tracked.
        

2. Data We Process

The extension requires access to specific login credentials (Usernames/PAN and Passwords) to perform its core functionality. This data is exclusively provided by the secure Ezkar Dashboard when you click the "Login" button.

3. How Data is Handled & Stored

Security is the foundation of this extension. We practice a strict Zero-Persistence architecture:

In-Transit Only: When triggered, the extension receives the credentials via a local browser event and stores them in volatile Chrome Session Storage (`chrome.storage.session`).
No Disk Writes: Session Storage is maintained in the active RAM of the browser and is never written to your hard drive or synchronized across devices.
Auto-Destruction: The exact millisecond the credentials are injected into the target government portal, the data is completely wiped from the extension's memory.
Safety Timeout: If the target portal fails to load within 30 seconds, the extension automatically wipes the credentials from memory to prevent lingering data.

4. Data Sharing & Third Parties

We do not collect, share, monetize, or transmit your data to any third-party servers. The extension only injects the retrieved credentials into the physical DOM inputs of the legally recognized Government of India portals:

services.gst.gov.in (GST Portal)
eportal.incometax.gov.in (Income Tax Portal)

5. Required Permissions

The extension requests the following permissions for functional purposes only:

activeTab / scripting: Necessary to interact with the DOM of the target portal to inject the credentials.
tabs: Required to physically open the new browser tabs linking to the portals.
storage: Used strictly for MV3 volatile `sessionStorage` to hold the credentials during the brief transition between the dashboard tab and the newly opened government portal tab.

6. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our internal procedures or Chrome Web Store requirements. Because this is an internal tool, any structural changes will be communicated via your Ezkar administrators.

7. Contact Us

If you have any questions or concerns about this Privacy Policy or the security of the extension, please contact the Ezkar IT Support / Engineering team.