Privacy policy

Tinkerfont uses chrome.storage.local to save user settings on your device:

• Per-site font replacement rules
• Optional area selectors (which parts of a page to scope)
• Panel theme preference (light or dark)
• Uploaded custom font files
• A cached Bunny Fonts catalog for faster search

This data persists across browser sessions. Storage is only for local settings and user-uploaded fonts. No data from storage is sent to external servers operated by Tinkerfont. You can remove individual rules in the panel, clear extension data from Chrome settings, or export and delete your setup manually.

Tinkerfont's font replacement panel only runs on the tab you are viewing when you click the extension icon. The activeTab permission grants temporary access to that tab so the extension can open its panel, scan fonts on the page, and apply font replacements you choose. The extension does not access tabs in the background without user action for panel features.

Tinkerfont adds a Tinkerfont entry to the right-click context menu on normal web pages. The contextMenuspermission is used only to create and update this inspect submenu. Inspector data is computed locally from the page's DOM and styles — not sent to Tinkerfont or any other server.

font-inspect.jsloads on pages you visit. It may fetch linked stylesheets from the page's own origins to read font sources. Font file detection is experimental; system fonts have no file URL, and a URL may not appear in some cases.

You can click a value in the font inspector submenu to copy it. Clipboard access is optional and is only requested when you click a copyable inspector item for the first time.

• clipboardWrite — writes the value you clicked to your system clipboard
• offscreen — creates a short-lived offscreen document so the extension can complete the clipboard write (Chrome service workers cannot access the clipboard directly). The offscreen document is closed immediately after copying.

Copied values stay on your device. Tinkerfont does not receive or store what you copy.

When you click the Tinkerfont icon, the extension may inject bundled content scripts into the active tab if they are not already loaded. font-inspect.js is registered as a content script for the right-click inspector. Only packaged extension files are injected — no remote code.

Host access lets Tinkerfont run on pages you open, detect fonts in use, inject font overrides, and display its panel. When you apply a Bunny Font, font files may be fetched from fonts.bunny.net directly from your browser — not through Tinkerfont servers.

The Firefox add-on uses the WebExtensions storage API (browser.storage.local) for the same local data as the Chrome version:

• Per-site font replacement rules
• Optional area selectors
• Panel theme preference
• Uploaded custom font files
• A cached Bunny Fonts catalog

Data stays on your device. You can clear add-on storage from Firefox's extension settings or remove rules individually in the panel.

The Firefox manifest declares data_collection_permissions with none— Tinkerfont does not collect, transmit, or sell personal data. This matches Mozilla's add-on data disclosure requirements.

The font replacement panel runs on the tab you are viewing when you click the add-on icon. activeTab grants temporary access to that tab for scanning fonts and applying replacements. The add-on does not monitor tabs in the background for panel features.

The Firefox add-on provides the same right-click Tinkerfont inspect submenu. Typography is computed locally. font-inspect.js may read linked stylesheets and performance data to resolve font file URLs when possible.

Copying inspector values is optional. Firefox requests clipboardWrite only when you first copy a value. Unlike Chrome, the Firefox add-on does not use an offscreen document — copies are written via the page or extension clipboard APIs during your menu click.

Copied values stay on your device. Tinkerfont does not receive or store what you copy.

When you click the add-on icon, bundled scripts may be injected into the active tab. The background runs as a persistent script (not a service worker). Only packaged add-on files are used — no remote code.

Host permission for <all_urls> lets the add-on work on pages you open for font detection, replacement, and the floating panel. Bunny Font requests go directly from your browser to fonts.bunny.net.