Privacy Policy

Web Donate Chrome Extension — Last Updated: May 31, 2026
SECURE & COMPLIANT

Your privacy is of paramount importance to us. This Privacy Policy details the exact mechanisms by which the Web Donate Chrome Extension interacts with your data, illustrating our absolute commitment to user data security, transparency, and conformance with standard Chrome Web Store Developer Program policies.

We operate under the principal of data minimization. We only transmit and record the minimum public data required to coordinate interactive elements (such as gift messaging, real-time sounds, and leaderboards), keeping your account parameters strictly sandboxed inside your local web browser.

01 Credentials & Cookies Security

We enforce a strict, bulletproof client-side boundary to shield your credentials, session identifiers, and security tokens from ever reaching our systems:

  • Zero Credentials Transmission: The extension does not collect, process, read, or transmit your Roblox account password, session cookies (including .ROBLOSECURITY), or sensitive identifiers to our external VPS servers.
  • Native Same-Origin Security: All transactional balance queries, catalog searches, and gamepass purchase operations are executed dynamically inside the webpage's native same-origin context. Cookies and authentication parameters are handled exclusively by your browser's native sandboxed container.
  • Main World Bridge Isolation: Our isolated bridge (main-world-bridge.js) allows secure calls inside Roblox's active web page context. This preserves standard browser session headers naturally while ensuring the extension background scripts never touch your private security key values.

💡 Security Summary: Your session cookies and credentials remain 100% sandboxed inside your local web browser. No external servers, administrative portals, or backend scripts are ever granted access to your Roblox account controls or funds.

02 Gifting Ledger & SQLite Storage Logs

To power the extension's live coordination features, such as the widescreen leaderboards, live donations feed, and player gifting ledger, certain public details are logged securely to our VPS SQLite database:

  • Logged Transaction Fields: Upon a successful checkout transaction, the extension logs:
    • The donor's public Roblox username
    • The recipient's public Roblox username
    • The gamepass name and ID
    • The donation Robux amount
    • Whether the transaction was simulated (developer sandbox)
    • Your custom gift message (if typed)
    • A boolean state (claimed) to coordinate live alerts
    • The UNIX timestamp of the event
  • No PII or IP Tracking: We do not log, store, or process your IP address, browser information, location data, or any other personally identifiable information (PII). All logged statistics are tied purely to public Roblox username records.
  • Verification Overrides: The SQLite database logs designated public stats overrides (e.g. raised totals) supplied securely by authenticated extension administrators. These overrides are bound solely to the leaderboard layout displays.

03 Background & Proxy Integrity

To ensure high performance and bypass rate limits, the extension incorporates intelligent network layers:

  • Roproxy Proxy Routing: Non-credentialed, public queries (such as batch user searches, public place data, and circular thumbnails) are routed through secure roproxy.com subdomains to bypass rate limiting.
  • Strict Header Stripping: All public rate-limiting proxy requests directed to roproxy.com are structurally modified in the background script to strip out authorization parameters and cookies, guaranteeing zero risk of credentials leakage.
  • Automatic Direct Fallback: If a proxy link encounters an error or timeout, the background script immediately shifts the traffic directly back to official Roblox endpoints (same-origin), ensuring robust network continuity.

04 Browser LocalStorage Usage

The extension utilizes your local browser storage containers (chrome.storage.local) exclusively to store user-specific UI states and improve efficiency:

  • Checkout Discount Caching: Successful checkout discount percentages (e.g., 0%, 10%, or 20% on gamepass purchases) are cached locally to instantly optimize checkout timing on future transactions, bypassing sequential retry cycles.
  • Streamer Configuration: Custom toggle states (such as hiding or displaying the live donations feed panel) are saved locally to preserve your preferred workspace setup across page refreshes.

05 Third-Party Interactivity

The extension communicates exclusively with standard, trusted web APIs:

  • Roblox APIs: Fetches user details, headshot thumbnails, experiences, inventory states, and processes secure checkouts directly via official Roblox endpoints (*.roblox.com).
  • Roproxy Proxy: Public, non-authenticated requests are routed to *.roproxy.com to improve thumbnail fetching speed and search rates.

06 Data Purge & User Rights

We respect your ownership over your public records and support active data hygiene:

  • Wipe Controls: Extension administrators are equipped with secure, password-protected controls to completely clear all transaction logs, delete ledger history, reset calculated total stats, and wipe live boards instantly.
  • Purge Requests: If you wish to have your specific username's contribution or receipt records permanently purged from our database logs, you can contact an administrator to initiate an instant database command.

Request Data Purge

Need your public contribution history, leaderboard rank, or receipt records removed from our servers? Contact our administration panel to execute a permanent database wipe for your Roblox username.

Contact Administration

07 Legal & Affiliation

This extension is not affiliated with, maintained by, or endorsed by Roblox Corporation. All trademarks, logos, and design assets are the property of their respective owners, used here under Fair Use guidelines solely for matching visual themes.

All transactions simulated or conducted using this extension are subject to Roblox's standard Terms of Service and official monetization fees.