LeetConnect Privacy Policy

Last updated: April 21, 2026

LeetConnect ("we", "our", or "the extension") is a Chrome extension that lets LeetCode users see who else is solving the same problem in real time, chat, and join voice rooms. This policy explains what data we collect and how we use it.

1. Data We Collect

• Google account information — when you sign in with Google we receive your name, email address, and profile photo from Google OAuth.
• Profile data — a short bio and social-platform handles you choose to add (GitHub, LinkedIn, Instagram, Discord, HackerRank, Codeforces, email). All fields are optional.
• Chat messages — text messages you send in a problem room. Messages are automatically deleted after 48 hours.
• Presence data — which LeetCode problem page you are currently viewing, used only to place you in the correct room. This is never stored persistently.

2. How We Use Your Data

• To authenticate you and keep your session active (JWT access tokens and rotating refresh tokens).
• To show your name and avatar to other users in the same problem room.
• To display your optional bio and social links on your public profile card.
• To deliver real-time chat messages and WebRTC voice connections within a room.

3. Data Sharing

We do not sell, rent, or share your personal data with any third party for marketing purposes. Data is shared only:

• With other users in the same LeetCode problem room (name, avatar, optional bio/social links).
• With our backend infrastructure (Railway/Neon Postgres) solely to operate the service.

4. Data Retention

• Chat messages are deleted automatically after 48 hours.
• Refresh tokens expire after 30 days.
• Your account and profile data are retained until you delete your account or request deletion by emailing us.

5. Permissions

The extension requests the following Chrome permissions:

• storage — to store your authentication tokens locally.
• identity — to launch the Google OAuth sign-in flow.
• activeTab / webNavigation — to detect which LeetCode problem page you are on so we can place you in the right room.

The content script runs only on *.leetcode.com pages.

6. Security

Passwords are never stored — authentication is handled entirely via Google OAuth. Access tokens are short-lived (15 minutes). Refresh tokens are stored as SHA-256 hashes in our database. All communication with our server uses HTTPS.

7. Your Rights

You may request deletion of your account and all associated data at any time by emailing abd.sam.ish.04@gmail.com. We will process your request within 30 days.

8. Changes to This Policy

We may update this policy as the extension evolves. The latest version will always be available at this URL. Continued use of the extension after changes constitutes acceptance of the updated policy.

9. Contact

Questions? Email abd.sam.ish.04@gmail.com.