frug.
Privacy Policy
Last updated: February 18, 2026
Frug is designed with privacy as a core principle. Your financial data stays on your device. We do not sell, share, or monetize your personal information.
1. What Frug Does
Frug is a Chrome browser extension that helps you make more intentional purchase decisions. It detects checkout pages, displays spending context (price in work-hours, budget impact, goal progress), and tracks your decisions locally so you can review your patterns over time.
2. Data We Collect and Store
Stored locally on your device only (via Chrome storage):
- Purchase decisions — product name, price, merchant, category, and your choice (skip, wait, or buy)
- Settings — hourly wage, budgets, savings goals, intervention level, trusted merchants
- Security credentials — PIN hash (SHA-256, one-way) and TOTP secret for dashboard lock
- Page content — the extension reads product names, prices, and order totals on checkout pages to display spending context. This data is processed locally and not transmitted.
This data never leaves your browser unless you explicitly opt into bank connection (see below).
Bank connection (optional, via Plaid):
- If you choose to connect your bank account, Frug uses Plaid to securely access your transaction data.
- Your bank login credentials are handled entirely by Plaid and are never seen or stored by Frug.
- Plaid sends Frug transaction data (merchant name, amount, date, category). This data is encrypted at rest (AES-256-GCM) and stored in a Cloudflare Workers KV namespace tied to your anonymous device identifier.
- A Plaid access token is stored server-side, encrypted with AES-256-GCM. It is only used to sync your transactions and can be revoked at any time by disconnecting your bank in settings.
3. Data We Do NOT Collect
- Names, email addresses, or any personally identifiable information
- Browsing history or web activity outside of checkout page detection
- Clicks, scrolling, keystrokes, or mouse movements
- IP addresses or location data
- Health information
4. Device Identification
Frug generates a random device ID and device secret, both of which are stored locally. These are used solely to authenticate API requests to our backend (for Plaid transaction syncing) and for rate limiting. They are not linked to your identity in any way.
5. Third-Party Services
- Plaid (optional) — used for bank account linking and transaction retrieval. Subject to Plaid's Privacy Policy.
- Cloudflare Workers — our backend runs on Cloudflare's infrastructure. Encrypted data is stored in Cloudflare KV. Subject to Cloudflare's Privacy Policy.
We do not use any analytics, tracking, or advertising services.
6. Data Sharing
We do not sell, rent, trade, or transfer your data to any third party. Data is only transmitted to Plaid for the explicit purpose of syncing your bank transactions, and only when you opt in.
7. Data Retention and Deletion
- Local data — you can export or delete all local data at any time from the dashboard settings ("Clear All Data").
- Server-side data — when you disconnect your bank, your encrypted access token and transaction data are deleted from our server. You can also uninstall the extension, which removes all local data.
8. Security
- Optional 4-digit PIN lock (stored as SHA-256 hash)
- Optional TOTP two-factor authentication (RFC 6238)
- Bank transaction data encrypted at rest with AES-256-GCM
- API requests protected with device-key authentication and replay protection
- Rate limiting on all API endpoints
9. Children's Privacy
Frug is not directed at children under 13. We do not knowingly collect information from children.
10. Changes to This Policy
We may update this policy from time to time. Changes will be reflected on this page with an updated date. Continued use of Frug after changes constitutes acceptance.
11. Contact
If you have questions about this privacy policy, contact us at privacy@frug.app.