Each extension has its own /privacy page; family boilerplate at oriz.in/privacy-base
Each extension has its own /privacy page; family boilerplate at oriz.in/privacy-base
Decision
Every extension's site at <slug>.oriz.in hosts its own
/privacy page describing the data that THAT extension collects.
The shared family-wide boilerplate (data we never collect, how
Firebase Auth works, how the license-key fallback works, contact
address, retention defaults) lives once at oriz.in/privacy-base
and is referenced from every per-extension privacy page.
Why
Chrome / Firefox / Edge stores require a privacy URL per extension, and listing the SAME apex URL for every extension fails review when the page doesn't disclose extension-specific permission usage. Per- extension pages keep store reviewers happy. The family boilerplate exists so we don't repeat 500 lines of identical legalese in every repo and so a single edit (e.g. updated retention period) propagates.
Implications
- Each extension repo ships a
/privacy.astro(or equivalent) listing its specific permissions, host_permissions, telemetry, third-party calls. - That page imports / iframes / inlines the common-base content from
oriz.in/privacy-base. - The store listing's privacy URL points at
<slug>.oriz.in/privacy, NEVER atoriz.in/privacy-basedirectly. - Per-extension pages must explicitly enumerate every Chrome permission the manifest requests and the user-facing reason for each — this is the part that fails review when missing.
- When the family boilerplate changes, the per-extension pages don't need redeploy — they fetch / iframe live.