Apex-Studio-Privacy

Privacy Policy for Salesforce Apex Studio

Last Updated: October 2025

Overview

Salesforce Apex Studio (“the Extension”) is committed to protecting your privacy. This Privacy Policy explains how we handle your data when you use our Chrome extension.

Our Privacy Commitment

We do not collect, store, transmit, or share any of your personal data or code. Everything runs locally in your browser.

Data Collection

What We DO NOT Collect:

• ❌ Personal information
• ❌ Your Apex code or files
• ❌ Salesforce credentials or passwords
• ❌ Browsing history
• ❌ Usage analytics or telemetry
• ❌ Cookies (except reading existing Salesforce session cookies)
• ❌ Any data transmitted to external servers

What Happens Locally:

• ✅ Your Apex code files are stored locally in your browser using IndexedDB
• ✅ Your preferences (theme, sidebar width) are stored locally using Chrome Storage API
• ✅ Your execution history is stored locally in IndexedDB
• ✅ All data remains on your device and is never transmitted to us or any third party

How the Extension Works

Local Storage:

The Extension uses browser storage technologies to save your work:

• IndexedDB: Stores your Apex code files and execution history locally on your device
• Chrome Storage API: Stores user preferences like theme and sidebar width
• All storage is local to your browser and controlled by you

Salesforce Integration:

The Extension interacts with Salesforce only through your existing browser session:

• Session Reading: Reads your Salesforce session ID from cookies to authenticate API requests
• API Calls: Makes requests to Salesforce Tooling API to execute your Apex code
• No Intermediary: All communication goes directly from your browser to Salesforce—we never see or store this data

Permissions Explained:

storage - Saves your code files and preferences locally in your browser

tabs - Detects which Salesforce org you’re viewing to update the extension icon

activeTab - Injects the launch button into Salesforce pages

cookies - Reads your Salesforce session ID (already set by Salesforce) to authenticate API calls

host_permissions - Allows the extension to work on Salesforce domains only

Third-Party Services

CDN Libraries:

The Extension loads the following open-source libraries from Content Delivery Networks (CDNs):

• React & ReactDOM from unpkg.com
• Monaco Editor from Cloudflare CDN (cdnjs.cloudflare.com)
• Dexie.js from Cloudflare CDN (cdnjs.cloudflare.com)

These libraries are loaded for functionality purposes only. We do not control these CDNs and recommend reviewing their respective privacy policies:

• Cloudflare CDN: https://www.cloudflare.com/privacypolicy/
• unpkg.com: https://www.unpkg.com/

Note: No data about your usage is sent to these CDNs beyond standard HTTP requests to load the libraries.

Salesforce:

When you execute Apex code, the Extension makes API calls directly to your Salesforce org using your existing session. This communication is between your browser and Salesforce only. We recommend reviewing Salesforce’s privacy policy at: https://www.salesforce.com/company/privacy/

Data Security

• All your code and data is stored locally in your browser
• We use Chrome’s built-in security features to protect stored data
• Your Salesforce session is used securely and never stored or transmitted by us
• The Extension does not create any network connections to our servers (we don’t have any!)

Data Retention

• Your code files persist in your browser until you delete them
• Execution history is automatically deleted after 30 days
• You can clear all Extension data at any time by:
  • Removing the Extension from Chrome
  • Clearing your browser’s storage for the Extension
  • Using Chrome’s “Clear browsing data” feature

Your Rights

You have complete control over your data:

• Access: All your data is stored locally and accessible to you
• Deletion: Remove the Extension or clear browser storage to delete all data
• Portability: Your data is stored in standard browser storage formats
• Control: You control what code you write and when you execute it

Changes to This Policy

We may update this Privacy Policy from time to time. The “Last Updated” date at the top will reflect the most recent changes. Continued use of the Extension after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions or concerns about this Privacy Policy or the Extension’s data practices:

Email: contact@mikejuma.com

Legal Compliance

This Extension complies with:

• Chrome Web Store Developer Program Policies
• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• Other applicable data protection laws

Summary

In Plain English:

• We don’t collect your data
• Everything stays on your computer
• We don’t have servers to store your data even if we wanted to
• Your code is yours and yours alone
• The Extension only talks to Salesforce, using your existing session

---

Your Privacy Matters. If you have any questions about how the Extension handles your data, please don’t hesitate to contact us.

Salesforce Apex Studio Team
contact@mikejuma.com

---

This privacy policy is effective as of October 2025 and applies to version 1.0.0 and all subsequent versions of Salesforce Apex Studio.