Roster Pixel Validator Chrome Extension Privacy Policy

Roster Chrome Extension Privacy Policy

Last updated: February 9, 2026

What This Extension Does

Roster Pixel Validator is a browser-based diagnostic tool that helps users verify Roster pixel installations, referral tracking, and discount code status on e-commerce websites. It reads browser state on the active tab and displays it in a popup panel.

Data Access

The extension reads the following data locally within your browser on the currently active tab:

  • DOM elements — scans <script> tags to detect Roster pixel scripts
  • localStorage — reads Roster-specific keys (rstr_d and legacy keys) for referral and attribution data
  • sessionStorage — reads discount code loading state
  • Cookies — reads rstr_d and discount_code cookies set by the Roster pixel
  • URL parameters — reads referral, smart link, and UTM parameters from the current page URL
  • Network requests — monitors requests to sa.getroster.com and api.getroster.com to log Roster API activity

Data Storage

  • Diagnostic data is held in memory only while the popup is open and is not persisted.
  • The network activity log (up to 50 recent entries) is stored in chrome.storage.session, which is automatically cleared when the browser session ends.
  • The access code unlock state is stored in chrome.storage.local to persist across sessions.
  • No other data is persisted by the extension.

Data Transmission

This extension does not transmit any data externally. All diagnostic data is processed locally within your browser. The extension makes no outbound network requests of its own — it only observes requests already made by the page.

Data Sharing

No data collected or displayed by this extension is shared with Roster, any third party, or any external service.

PII Handling

  • Customer email addresses appearing in network request payloads are masked in the display (e.g., j***@example.com).
  • The extension does not store, log, or transmit any personally identifiable information.

Permissions Explained

Permission Why It’s Needed
activeTab Read DOM and storage on the current tab when the popup is opened
storage Store the access code unlock state and session-scoped network log
cookies Read and clear Roster-specific cookies (rstr_d, discount_code)
webRequest Monitor network requests to Roster endpoints for the activity log
Host permissions (https://*/*) Roster pixels can be installed on any website — the extension needs to detect them regardless of domain

Clear All Action

The “Clear All Roster Data” feature removes all Roster-related data from the current site (localStorage keys, cookies, and sessionStorage entries). This action is user-initiated, requires confirmation, and only affects the current site.

Changes to This Policy

If this privacy policy is updated, the changes will be reflected in the extension’s Chrome Web Store listing and in this document.

Contact

For questions about this privacy policy or the extension, contact Roster at support@getroster.com.