← GeoMail Tracker

Privacy Policy — GeoMail Tracker

Last updated: April 27, 2026

Overview

GeoMail Tracker ("the Extension") is an email-tracking tool for Gmail. This policy explains exactly what data the Extension collects, how it is used, and what we do not collect. We've kept it short and concrete on purpose — tracking is a privacy-sensitive area, and you deserve to understand it before installing.

How tracking works (in plain language)

When you compose an email in Gmail with the Extension's "Track" toggle on, we inject a single invisible 1×1 pixel into the email body. When the recipient's email client renders the message, the pixel fetches a tiny image from our server (https://geomail.extpilot.com) over HTTPS. That fetch is what tells us the email was opened.

This is the same approach used by Mailchimp, HubSpot, Salesforce, Mailtrack, and every major email-marketing platform. We do not modify your email content beyond adding that pixel.

What we collect about your emails

What we do NOT collect

Where data is stored

Tracking events and metadata are stored in a private Cloudflare D1 database operated by ExtPilot. The database is not shared with third parties. We do not sell, rent, or trade your tracking data.

Free-plan tracking history is retained for 30 days. Pro-plan history is retained indefinitely while your subscription is active. You can request full deletion of your data at any time via support@extpilot.com.

Recipient privacy & ethics

Email open tracking is a long-standing industry practice but its legality and ethics depend on jurisdiction. In the EU (under GDPR), you generally need a legitimate-interest basis for tracking and should disclose it in your email signature or company privacy policy. In the US tracking is generally permitted, though we still recommend disclosure for trust reasons.

If you're contacting recipients in the EU/UK, we recommend adding a short notice such as: "This email contains a tracking pixel for analytics. Reply 'no track' if you'd prefer not to be tracked." The Extension provides a per-email "Track" toggle so you can disable tracking on a case-by-case basis.

Authentication & permissions

The Extension uses Chrome's built-in chrome.identity API to sign you in with Google. We request only the openid, email, and profile scopes — the minimum needed to identify your account. We do not request access to read or send Gmail messages on your behalf.

Manifest V3 host permissions are limited to https://mail.google.com/* (where the Compose injection happens) and https://geomail.extpilot.com/* (our tracking endpoint).

Pro subscription & payment

Pro purchases are processed by Stripe. ExtPilot does not store your credit card number or full billing details — only the Stripe customer ID returned to us, which is used to verify your subscription status.

Data deletion

To delete your account and all associated tracking data, email support@extpilot.com from the Google address you signed in with. We will delete all tracking events, tracks, and account records within 30 days of receiving the request.

Changes to this policy

We may update this policy as the product evolves. The "Last updated" date at the top will reflect the most recent revision. For material changes affecting how data is collected or used, we will notify users via the Extension's UI or by email.

Contact

Questions? Email us at support@extpilot.com.