Nexana - Simpro Basket Importer Chrome Extension Privacy

Chrome Extension Privacy Policy

Name: Screwfix to Simpro Exporter Last updated: 26th August 2025

Overview

This extension allows authenticated users to export their shopping cart from screwfix.com to an external purchase order system (e.g., Simpro) via a secure backend API. We are committed to handling user data responsibly and securely.

Data Collected

Data Type What It Is Why It’s Collected

Authentication information

What is collected: username and password Why it’s collected: used to authenticate the user with our backend and issue a short-lived JWT token.

Session token (JWT)

What is collected: a signed token identifying the user Why it’s collected: stored in local extension storage to authenticate export requests.

Basket data

What is collected: SKU, quantity, price, total value Why it’s collected: extracted from the active screwfix.com tab and sent to your backend to generate a purchase order.

Data Not Collected

  • We do not collect or store any personal identifiers such as name, email, address, or contact details.
  • We do not collect credit card numbers, financial account details, or payment information.
  • We do not use tracking scripts, analytics, or advertising pixels.
  • We do not share data with third parties.

How We Use Data

  • Authentication credentials are used once during login and transmitted securely via HTTPS to our AWS-hosted backend.
  • A JWT token is issued and stored in the extension to identify the user in future export requests.
  • Basket data is sent to the backend for the sole purpose of creating a purchase order.

Data Retention

  • Login tokens (JWTs) are stored locally in the browser’s chrome.storage.local and are removed when the user logs out.
  • Basket data is transmitted securely and not stored in the extension or retained beyond its export.

Security

  • All communications with the backend are done over HTTPS.
  • No credentials or sensitive data are stored beyond the authenticated session.
  • The extension does not modify browser content or intercept user behavior beyond the active tab and user-initiated action.

Contact

If you have questions about this policy or how your data is handled, please contact: Nexana Support support@nexana.co.uk

Transparency Notes for Chrome Web Store Review

  • webRequest is used only to passively observe the Screwfix Authorization header to retrieve the authenticated basket.
  • Credentials are collected only during the login flow and transmitted securely.
  • No remote code is executed.
  • No background tracking or telemetry is performed.