Privacy Policy

Last Updated: December 27, 2025

1. Introduction

This Privacy Policy describes how the BingFastLogin Chrome Extension ("we," "us," or "our") handles user information. Our primary goal is to provide a fast and secure login experience for Binghamton University services while maintaining the absolute privacy of your credentials.

2. Data Collection and Usage

We believe in "Privacy by Design." Our architecture ensures that your sensitive data remains under your control at all times:

  • Authentication Information: The extension handles your university username, password, and 2FA secret keys. This data is used solely to automate the login process and generate TOTP codes.

  • Local Storage Only: All sensitive data is stored exclusively on your device using the chrome.storage.local API. It is kept within a secure, sandboxed environment managed by your browser.

  • No External Transmission: We do not operate any external servers. Your credentials and 2FA secrets are never transmitted over the internet to us or any third party.

  • No Tracking: We do not track your browsing history, collect analytics, or use cookies to identify you.

3. Permissions Justification

We request only the minimum permissions necessary to automate your login. Here is exactly why they are needed:

  • storage: Used to save your 2FA secret and "Fast Login" settings locally on your computer so you don't have to re-configure the extension every time.
  • activeTab: This is a user-triggered permission. It is used only when you click "Scan QR Code" to allow the extension to "see" the QR code on the current page. It is temporary and expires as soon as you close the tab.

  • host permissions: Specifically limited to cas.cc.binghamton.edu. This allows the extension to recognize when you are on a Binghamton login page so it can assist you.

4. Data Disclosure

  • Third Parties: We do not sell, trade, or transfer your data. Your information is never accessible to anyone but you.

  • Remote Code: All code required to run this extension is bundled locally within the package. We do not load external scripts, ensuring that the logic cannot be tampered with remotely.

5. Security

Your data is protected by the native security of your local machine and the Google Chrome sandboxing environment. Since we do not use a central database, there is no single point of failure; your secrets are as secure as your personal computer.

6. Contact

If you have questions regarding this policy, please contact the developer through the "Support" tab in the Chrome Web Store.