xAGI LabsxAGI Labs

Orgpage

Orgpage Privacy Policy

Privacy policy for Orgpage, the Chrome extension that turns the new tab into a customizable company homepage.

Effective date: June 15, 2026

Orgpage is a Chrome extension by xAGI Labs that replaces the browser new tab page with a customizable company homepage for announcements, onboarding, company links, leaderboards, shoutouts, pinned updates, and internal team updates.

This Privacy Policy explains what data Orgpage collects, how it is used, how it is shared, and what choices users and organizations have.

Single Purpose

Orgpage's single purpose is to provide a customizable company homepage on the Chrome new tab page. Orgpage uses data only to provide, secure, maintain, and improve this team homepage experience.

Data We Collect

Orgpage may collect the following categories of data:

Account and profile data

  • Name
  • Email address
  • Profile photo or avatar, if provided by the authentication provider
  • User ID
  • Organization membership
  • Role, such as owner, admin, or member

Authentication information

Orgpage uses Firebase Authentication and Google sign-in to authenticate users. Orgpage does not collect or store user passwords directly. Authentication credentials are handled by Firebase Authentication and Google.

Organization and workspace data

Orgpage stores organization data needed to render and manage the company homepage, including:

  • Organization name
  • Company logo URL
  • Welcome message
  • Pinned update
  • Theme settings
  • Enabled widgets
  • Member records
  • Invite records
  • Role assignments

User-generated content

Users and admins may create or manage content inside Orgpage, including:

  • Announcements
  • Onboarding tasks
  • Company links
  • Leaderboard entries
  • Shoutouts and kudos
  • Invite metadata

Product usage events

Orgpage may collect basic product analytics events, such as:

  • Login
  • Organization created
  • Invite created
  • Invite accepted
  • Announcement created
  • Onboarding task completed
  • New tab opened
  • Company link clicked
  • Shoutout created
  • Widget viewed

These analytics events are used to understand whether Orgpage is working correctly and to improve the product. Orgpage does not use these events to collect browsing history or page contents from other websites.

Data We Do Not Collect

Orgpage does not collect:

  • Browsing history
  • Webpage contents from sites you visit
  • Search history
  • Health information
  • Financial or payment information
  • Credit card numbers
  • Government IDs
  • Precise location
  • Emails, texts, or chat messages outside Orgpage
  • Passwords stored by the browser

Chrome Extension Permissions

Orgpage uses the Chrome identity permission to let users sign in with Google through Chrome's extension authentication flow. This is required so users can securely access the correct organization, role, invites, and company homepage data.

Orgpage uses host access only to connect to Firebase and Google APIs required for authentication, organization data, member records, invites, announcements, onboarding tasks, links, shoutouts, leaderboard entries, theme settings, and basic product analytics.

Orgpage does not use host permissions to read arbitrary websites.

Remote Code

Orgpage does not use remote code. The extension's JavaScript code is bundled inside the extension package. Orgpage connects to Firebase and Google APIs as remote services, but it does not load remote JavaScript as extension code.

How We Use Data

Orgpage uses data to:

  • Authenticate users
  • Show the correct company Orgpage
  • Manage organization membership and roles
  • Process invite links
  • Display announcements, onboarding tasks, links, leaderboards, shoutouts, and pinned updates
  • Let admins customize the company page and theme
  • Improve reliability, security, and product quality
  • Prevent abuse and unauthorized access
  • Comply with applicable legal obligations

How We Share Data

Orgpage does not sell user data.

Orgpage may share data with:

  • Firebase and Google Cloud services, which provide authentication, database, hosting, and analytics infrastructure
  • Google Chrome Web Store services, as required to distribute and operate the extension
  • Service providers that help operate Orgpage, only as needed to provide the product
  • Legal or regulatory authorities, if required by applicable law

Orgpage does not transfer user data to third parties for advertising, creditworthiness, or unrelated profiling.

Limited Use Disclosure

Orgpage's use of information received from Chrome APIs and Google APIs will comply with the Chrome Web Store User Data Policy, including the Limited Use requirements.

Orgpage uses user data only to provide or improve its single purpose: a customizable company homepage on the Chrome new tab page. Orgpage does not sell user data, does not use user data for advertising, and does not transfer user data except as necessary to provide the product, comply with law, or protect users and the service.

Data Retention

Orgpage retains organization and user data for as long as needed to provide the service. Organization owners or admins may remove members, revoke invites, edit content, or delete workspace content where supported.

Users or organizations may request deletion of their data by contacting xAGI Labs at TODO_PRIVACY_CONTACT_EMAIL.

Security

Orgpage uses Firebase Authentication and Firestore security rules to protect organization data and enforce role-based access. Access to organization data is limited to authenticated organization members, with additional write permissions reserved for owners and admins.

No method of transmission or storage is completely secure, but Orgpage is designed to limit access to the data required for its stated purpose.

Children

Orgpage is intended for workplace and organizational use. It is not directed to children under 13.

International Data Processing

Orgpage may process and store data using cloud infrastructure operated by Firebase, Google Cloud, and related service providers. Data may be processed in countries other than the user's country of residence.

Changes To This Policy

xAGI Labs may update this Privacy Policy from time to time. If changes are material, xAGI Labs will update the effective date and may provide additional notice where appropriate.

Contact

For privacy questions or deletion requests, contact:

TODO_PRIVACY_CONTACT_EMAIL
xAGI Labs
https://xagi.in