MergeChain

Privacy Policy

Last updated: 2026-06-23

Short version: MergeChain has no backend server. It stores your GitHub credential locally in your browser and talks only to GitHub (github.com and api.github.com). Nothing is sent to the developer or any third party. The extension has no analytics, tracking, or ads.

What is stored, and where

The extension's background service worker is the only component that holds the token; the GitHub web pages you browse never receive it.

What is sent, and to whom

What is NOT collected

The website vs. the extension

The extension and this website are separate. The extension contains no analytics. The website (mergechain.dev) uses privacy-friendly analytics to count visits: Cloudflare Web Analytics (cookieless) and Google Analytics. Those run only on the website, never inside the extension or on the GitHub pages you browse. This privacy-policy page is served without any analytics.

Permissions and why they are needed

Removing your data

Uninstalling the extension removes all locally stored data (token and settings). Dependency markers already written into PR descriptions remain in those PRs; edit a PR description on GitHub to remove them, or use the extension's remove controls before uninstalling. You can revoke the token any time from GitHub > Settings > Applications.

Contact

Questions about this policy: @oleg-koval on GitHub.