Privacy Policy — GPT Codex Burn

Last updated: May 2026

GPT Codex Burn does not collect, transmit, or share any personally identifiable data with any third party, with two exceptions: anonymous usage analytics (Google Analytics) and optional license key verification (Gumroad), both described below. All core data processing occurs locally on the user's device.

Data Handling

Data Where it stays Sent externally?
Usage metrics (session %, weekly %, reset times) Device only (chrome.storage.local) No
User settings (thresholds, notification preferences) Chrome sync storage (chrome.storage.sync) Synced across the user's browsers via their Google account; not transmitted to any external servers by the extension
chatgpt.com session cookies Not accessed, read, or stored by the extension No — attached automatically by the browser on fetch requests
Bearer token (access token) Device only (chrome.storage.local, cached 25 min) No
Supporter license key Device only (chrome.storage.local) Sent to Gumroad API for one-time verification only
Supporter tier Device only (chrome.storage.local) No
Anonymous analytics client ID (random UUID) Device only (chrome.storage.local) Sent to Google Analytics with each event

What the Extension Does

Usage Analytics (Google Analytics 4)

To understand which features are used and improve the extension, GPT Codex Burn sends anonymous event data to Google Analytics 4 — for example, when the popup is opened, a panel is expanded, a setting is toggled, or a license is activated. Each event is tied only to a randomly generated client ID stored locally; no chatgpt.com account info, usage values, license keys, or other personal data are included in these events.

Google's privacy policy applies to this data: https://policies.google.com/privacy

Optional: Supporter License Verification

If you choose to activate a Supporter license key, the extension sends that key to the Gumroad license verification API (api.gumroad.com/v2/licenses/verify) for a one-time validation. No other personal data is included in this request.

Gumroad's privacy policy governs this interaction: https://gumroad.com/privacy

What the Extension Does Not Do

Permissions Used

Permission Reason
storage Stores usage metrics and user preferences locally and via Chrome sync
notifications Displays optional usage alerts based on user-defined thresholds
alarms Periodically updates usage metrics and triggers scheduled alerts
scripting Injects in-page toast notifications into the active browser tab
tabs Identifies the currently focused tab for toast delivery
windows Identifies the last-focused window to locate the active tab
https://chatgpt.com/* Fetches the auth session and usage data, and injects toast notifications on chatgpt.com tabs
https://www.google-analytics.com/* Sends anonymous usage analytics events

Changes to This Policy

If this policy is updated, the "Last updated" date above will be revised. Continued use of the extension after any changes constitutes acceptance of the updated policy.

Contact

If you have any questions about this Privacy Policy, please contact: