Canvascope
Add to Chrome
ExtensionLectraResearchAdd to Chrome

Privacy policy

Privacy is part of the product model, not a landing-page claim.

This Privacy Policy explains how the Canvascope application and website (collectively, “Canvascope,” the “Service”), operated by Canvascope Inc., accesses, uses, stores, shares, retains, and protects your data — including data obtained from your Google Account. Canvascope is local-first where that matters most: course indexing, fast search, and day-to-day retrieval. Connected web and document workflows exist to support you, not to turn academic behavior into an analytics funnel.

Last updated: June 13, 2026

Local-first stays the default

Canvascope stores its core LMS search index in browser-local storage. The website reflects synced data only after you explicitly sign in or sync a document through connected product flows.

Connected data is product data, not ad-tech data

When you sign in, the web app reads shared records such as course snapshots, document handoff metadata, and Course Brain artifacts. These records support the product itself rather than a tracking or advertising business model.

Shared identity, scoped access

The website uses the same shared account system as Canvascope and Lectra. Access to synced records stays scoped to the signed-in user and protected by secure access controls and encryption.

Who we are

Canvascope is developed and operated by Canvascope Inc. This policy applies to the Canvascope browser extension, the Canvascope website and web app, and the Lectra-connected workflows that share the same account system. If you have any questions about this policy or your data, contact us at canvascopeextension@gmail.com.

What Google user data we collect

When you choose to sign in with Google, we request only the limited OpenID Connect scopes openid, email, and profile. Through these scopes we access and collect the following Google user data:

  • Your Google Account unique identifier (the “sub” claim)
  • Your email address
  • Your basic profile information, such as your name
  • Your Google profile picture (if available)

We do not request or access your Gmail messages, Google Drive files, Google Classroom data, contacts, calendar, or any other restricted or sensitive Google API scopes. We only receive the data you explicitly authorize during the Google sign-in consent flow.

How we use Google user data

We use the Google user data described above solely to provide and improve user-facing features of Canvascope. Specifically, we use it to:

  • Authenticate you and create or restore your Canvascope account session
  • Identify you across the shared Canvascope and Lectra account system so your synced course snapshots, documents, and Course Brain artifacts are scoped to you
  • Display your name, email, and profile picture in the signed-in interface
  • Contact you about your account or provide support when needed

We do not use Google user data for advertising, targeted or personalized ads, retargeting, profiling, selling to data brokers or information resellers, determining credit-worthiness, lending, building independent databases, or training, developing, or improving generalized artificial intelligence or machine learning models. Canvascope’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

How we share, transfer, or disclose data

We do not sell your Google user data or any other personal data, and we do not transfer or disclose it to third parties for purposes other than providing or improving the Service. We share data only in the following limited circumstances:

  • Service providers / subprocessors: We use trusted infrastructure providers — including Supabase (database and authentication) and our hosting provider — to store and process data strictly on our behalf and under contractual confidentiality and security obligations. These providers may not use your data for their own purposes.
  • Legal requirements: We may disclose data if required to do so by law, regulation, legal process, or enforceable governmental request.
  • With your direction: We share data when you explicitly direct us to, such as syncing a document between connected Canvascope and Lectra workflows.

How we protect your data

Security procedures are in place to protect the confidentiality of your data. We use encryption in transit (HTTPS/TLS) for all data exchanged with Google and our servers, and your session is carried in a signed, secure, HTTP-only cookie. Access to synced records is scoped to the authenticated user and protected by secure access controls. We restrict internal access to personal data to what is necessary to operate and support the Service.

Data retention and deletion

We retain your account and Google user data only for as long as needed to provide the Service and fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law. When the retention period expires, or when data is no longer needed, we delete or anonymize it.

You may sign out at any time to clear your active session. You may also request access to, correction of, or deletion of your personal data — including the Google user data associated with your account — by emailing us at canvascopeextension@gmail.com. Upon a verified request, we will delete your account data within a reasonable period, except where retention is required by law. You can also revoke Canvascope’s access to your Google Account at any time from your Google Account permissions page.

Changes to this policy

We may update this Privacy Policy from time to time. If we change how we use Google user data, we will update this page and revise the “Last updated” date above, and where appropriate we will notify you within the product. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

Contact us

For any questions, concerns, or requests regarding this Privacy Policy or your data, contact Canvascope Inc. at canvascopeextension@gmail.com.