Privacy Policy

Last updated: 2026-05-05

Mr Oye (mroye) is a Chrome extension that adds a friendly browser pet to every web page. This page tells you exactly what data we collect — the short answer is almost nothing.

What stays on your device

• Your AI provider key(s) (Anthropic, OpenAI, Gemini, GitHub) — saved in chrome.storage.local, never transmitted to us.
• Your conversation history with Mr Oye (last 50 entries).
• Your notes, snippets, clipboard history, read-later queue.
• Your focus / Pomodoro stats and domain-time-tracker totals.
• Your preferences (skin tone, outfits, sound on/off, etc.).

None of this data leaves your device unless you explicitly trigger an AI request, in which case it goes directly from your browser to the AI provider you configured (Anthropic, OpenAI, etc.). We don't proxy or log it.

What we collect on our servers

• If you buy Mr Oye Pro: Stripe sends us your email address and the Stripe checkout session ID. We store these alongside the unlock code we issue. We use this only to (a) re-issue your code if you lose it, (b) revoke a code if it's leaked.
• License verification: Once every 24 hours, the extension asks our server "is this code still valid?". We respond yes/no based on the revocation list. We log the request count for abuse prevention but not the user's IP beyond what Cloudflare keeps for security.
• Breach checks: When you check whether your email appears in a known data breach, the email is sent to our server which forwards it to Have I Been Pwned (or the free ProxyNova fallback). We don't store the email.

Permissions

Mr Oye requests:

• storage — to save your preferences and notes locally.
• tabs, activeTab — to inject the mascot, take screenshots when you ask.
• history — used by Browser Wrapped and Daily Standup; never transmitted off-device.
• clipboardWrite, bookmarks, cookies, notifications, alarms, contextMenus — for the corresponding features.
• <all_urls> — so the mascot can appear on any page you visit.

Third parties

When you opt into a feature, the request goes to the corresponding service:

• AI providers (Anthropic, OpenAI, Gemini, GitHub) — your prompts + your own API key.
• Mr Oye AI (Pro tier) — your prompts go to api.buzdy.com/ai.
• Google Cloud TTS — text you ask Mr Oye to say (with your own API key).
• Suno — song-generation prompts (with your own API key).
• Stripe — only when you click "Unlock Pro". Stripe handles the payment; we never see your card.
• Have I Been Pwned / ProxyNova — when you click "Check breaches".

Children

Mr Oye is not designed for children under 13. The default system prompt sent to AI providers is kid-safe, but please supervise younger users.

Contact

Questions, takedown requests, lost unlock codes: hello@mroye.com.

← Back to mroye.com