Privacy Policy

Last updated: March 23, 2026

Lumina – SEO & GEO ("Lumina", "the Extension") is a Chrome browser extension created by Julien El-Bahy. This privacy policy explains how the Extension handles your data.

Data collection

Lumina does not collect, transmit, or store any personal data on external servers. The Extension does not use analytics, tracking scripts, or advertising of any kind.

How your data is processed

All SEO analysis (page audits, heading checks, link analysis, schema validation, etc.) is performed locally in your browser. The Extension reads the content of the currently active tab to perform its analysis. This data is never sent to any server operated by Lumina or any third party.

API keys

Lumina allows you to optionally connect your own API keys for enhanced functionality:

• OpenAI API Key: Used to power AI content tools. Requests are sent directly from your browser to OpenAI's API. Lumina does not proxy, store, or log these requests.
• DataForSEO API Key: Used for keyword research and SERP analysis. Requests are sent directly to the DataForSEO API.
• Google PageSpeed Insights API Key: Used for performance analysis. Requests are sent directly to Google's API.

All API keys are stored in Chrome's local storage (chrome.storage.local) on your device. They are never transmitted to any server other than the respective API provider.

Google OAuth (Search Console & Analytics)

Lumina allows you to connect your Google Search Console and Google Analytics 4 accounts using Google's OAuth 2.0 authorization flow. When you connect:

• You are redirected to Google's consent screen, where you grant access to webmasters.readonly (Search Console) and/or analytics.readonly (Analytics) scopes.
• Access tokens are stored in Chrome's session storage and are cleared when you close the browser.
• Refresh tokens are stored in Chrome's local storage for persistent access.
• All data requests go directly from your browser to Google's APIs. Lumina does not operate any backend server.
• You can disconnect at any time from the Extension's Settings panel, which removes all stored tokens.

Lumina only requests read-only access. It cannot modify your Search Console or Analytics data.

Data stored locally

The Extension stores the following data locally on your device using chrome.storage.local:

• Your settings and preferences (theme, API keys, default options)
• Cached keyword data (to reduce redundant API calls)
• Google OAuth refresh tokens (if you choose to connect GSC/GA4)

You can clear all stored data at any time via the Extension's Settings panel ("Reset All Data").

Permissions

The Extension requests the following Chrome permissions:

• storage — Save settings and API keys locally
• activeTab / tabs — Read the current page for analysis
• scripting — Inject content scripts for on-page features (heading highlighting, link checking)
• webRequest — Capture HTTP response headers (status codes, X-Robots-Tag, security headers)
• host_permissions (<all_urls>) — Required for fetching robots.txt, llms.txt, checking external links, and making API calls to Google, OpenAI, and DataForSEO
• identity — Google OAuth authentication flow
• clipboardWrite — Copy text/data to clipboard
• downloads — Export screenshots and CSV files

Third-party services

When you use API-connected features, data is sent to the following third-party services according to their own privacy policies:

• Google (Search Console, Analytics, PageSpeed)
• OpenAI (AI content tools)
• DataForSEO (keyword research, SERP data)

Children's privacy

Lumina is not directed at children under 13. We do not knowingly collect any information from children.

Changes to this policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.

Contact

If you have questions about this privacy policy, contact: julien.elbahy [at] gmail.com