SF Report Manager Add to Chrome

SF Report Manager - Privacy Policy

Effective date: 2026-03-07

SF Report Manager is a Chrome extension for managing Salesforce Reports and Dashboards at scale within your own Salesforce organization, including bulk copy, move, delete, and deployment preparation workflows.

Data We Process

We process only the data necessary to authenticate with Salesforce and perform the actions you request:

  • Salesforce session cookies (sid) to authorize API requests while you are logged in
  • OAuth tokens issued by Salesforce (access token and, if applicable, refresh token) as an alternative authentication method
  • Basic authentication details from Salesforce, including your email address, to ensure the extension functions correctly
  • Configuration details such as Salesforce API version and login domain
  • Operational metadata needed to copy, move, delete, review, or deploy selected Reports and Dashboards
  • Limited usage and diagnostic data (e.g. extension version, operating system, locale, generated analytics ID, and associated Salesforce email) to maintain performance and reliability

How We Use and Store Data

  • Session cookies are accessed locally in your browser to authenticate requests to Salesforce
  • OAuth tokens and configuration data are stored in your browser using chrome.storage.local
  • All Salesforce API requests are sent directly from your browser to Salesforce domains (e.g. *.salesforce.com, *.lightning.force.com) when cloud features are not in use
  • Usage and diagnostic events, including uninstall events, may be sent to our analytics service to help us improve the product. These may include identifiers such as your Salesforce email address

Permissions

We request only the permissions required for the extension to function:

  • cookies: to read Salesforce session cookies for authentication while you are logged in
  • identity: to support OAuth authentication with Salesforce via Chrome’s launchWebAuthFlow
  • storage: to store tokens, session details, analytics identifiers, and user configuration locally in your browser
  • Host permissions: restricted to Salesforce domains, enabling secure cookie access and API communication for managing analytics assets

Third-Party Services

The extension communicates directly with Salesforce APIs under your control. It also sends limited usage and diagnostic events to a configured analytics service for product improvement and uninstall tracking.

Paid plans and subscription billing are processed by Dodo Payments (payment processor). When you subscribe, we store your verified account email and link payments to your internal user identifier as described when you complete checkout.

Access and Revocation

  • You can sign out from the extension at any time, which clears locally stored tokens and session data
  • Cookie-based authentication depends on your active Salesforce session; logging out of Salesforce ends this access
  • You can revoke OAuth access at any time via Salesforce Setup → Connected Apps → OAuth Connected Apps

Security Practices

  • OAuth authentication uses the Authorization Code flow with PKCE
  • Data is stored locally on your device using chrome.storage.local, except where explicitly described (e.g. analytics events)
  • Session cookies are read solely for authentication and are never modified or transmitted to external services

Contact

For privacy-related questions, contact: [email protected]

Last updated: 2026-03-07

Terms of Service

Add to Chrome