XPorter — Privacy Policy

Overview

XPorter does not collect, store, or transmit any personal data to external servers. All data processing happens entirely within your browser.

What Data the Extension Accesses

XPorter accesses the following data solely to perform exports that you initiate:

X.com session cookies — used to authenticate API requests on your behalf. The extension reads your existing login session to make the same API calls that X.com itself makes in your browser. No credentials are stored or copied.
X.com API responses — profile information, posts, follower/following lists retrieved via X.com's public-facing APIs. This data is processed locally to generate export files (CSV).
Extension settings — your preferences (language, theme) are stored locally using Chrome's storage.local API.

What the Extension Does NOT Do

Does not collect or store your X.com password
Does not send any data to third-party servers or analytics services
Does not track your browsing history or activity
Does not modify your X.com account in any way (no posting, following, or liking)
Does not inject ads or promotional content
Does not use any remote code — all code runs locally within the extension package

Permissions Explained

`cookies`

Required to read authentication tokens (CSRF token) from your X.com session to make authenticated API requests.

`activeTab` and `tabs`

Used to detect when you are on an X.com profile page and to identify the username of the profile being viewed.

`downloads`

Used to save exported CSV files to your Downloads folder when you click the download button.

`storage`

Used to save your extension preferences (language, theme, export settings) locally in Chrome's storage.

`host_permissions` for x.com

Required to make API calls to X.com's servers to retrieve the data you've requested to export.

Data Storage

All data is stored locally in your browser:

Export data is held temporarily in memory during the export process
Once downloaded as a CSV file, the data is saved to your local filesystem (Downloads folder)
No data is cached or persisted beyond the active export session
Extension settings are stored in Chrome's storage.local and can be cleared by uninstalling the extension

Third-Party Services

XPorter does not integrate with any third-party services, analytics platforms, advertising networks, or external APIs. The only network communication is between your browser and X.com's servers.

Data Security

All communication with X.com's servers uses HTTPS encryption. Authentication tokens are handled in memory and are never written to disk or transmitted to any server other than X.com.

Children's Privacy

XPorter is not directed at children under 13 and does not knowingly collect information from minors.

Changes to This Policy

If this privacy policy is updated, the changes will be reflected on this page with an updated effective date. Significant changes will be noted in the extension's changelog.

Contact

If you have questions about this privacy policy, please open an issue on the GitHub repository.

Effective date: February 17, 2026

XPorter Privacy Policy