Privacy Policy

Merlin: Multi-LLM & AI Macro Chrome Extension

Last Updated: February 11, 2026

Google API Services Disclosure: This extension is designed to comply with the Google API Services User Data Policy, including the Limited Use requirements.

1. Introduction

"Merlin: Multi-LLM & AI Macro" values your privacy. This policy explicitly details how we collect, process, store, and share user data. We do not engage in selling user data or unauthorized data collection.

2. Detailed Data Collection and Usage

This product collects data solely to provide multi-LLM workspace and AI automation services.

Data Category	Specific Purpose	Processing/Storage Method
Google Identifiers (Email, Profile ID)	User authentication and profile management via Google OAuth 2.0.	Stored in Supabase (Cloud) for multi-device sync.
Application Settings (Layouts, Active Bots)	Maintaining UI preferences (e.g., split-screen layout).	Stored in LocalStorage and synced to Supabase.
Custom AI Macros (Automation steps)	Executing user-defined automation tasks on specific websites.	Stored in Supabase. Encryption used at rest.
Payment Status (Subscriptions)	Validating access to premium features (Pro version).	Verification API call to Lemon Squeezy.

3. Transparency on Permissions

declarativeNetRequest: Used only to bypass cross-origin restrictions (CSP/X-Frame-Options) so AI sites can be displayed within iframes. We do not monitor network traffic.
Identity: Used solely to facilitate secure sign-in through Google’s official OAuth 2.0 system.
Host Permissions: Necessary to interact with the web pages you choose to automate (Macros). Conversational data from AI providers is never intercepted or viewed by us.

4. Data Sharing and Disclosure

We share user data only with essential providers:

Google LLC: For authentication and account verification.
Supabase: Our secure cloud database for storing user profiles and macro definitions.
Lemon Squeezy: Our payment reseller. They collect billing information directly.
AI Providers (OpenAI, Google, Anthropic): Your prompts are sent directly to their platforms. Merlin does not store the content of your conversations.

5. Data Retention and Deletion

We retain your synced data as long as your account is active. To permanently delete your cloud profile and all associated data, please contact us at the email below. We fulfill deletion requests within 30 days.

6. Contact and Support

Developer: Jung Jidu

Official Email: wjdwlen@naver.com