Short version: Ruby runs entirely inside your browser. The only personal data it sends over the network is your username and license key — used solely to verify access. No browsing history, no product data, no pricing data is ever collected, stored, or transmitted. Everything Ruby reads stays on your device.
1. What Ruby is
Ruby is a Chrome browser extension developed by KeyLabz. It helps marketplace sellers and account managers monitor product listings and compare prices against competitor websites. All processing happens locally inside your browser — KeyLabz does not operate a backend server that processes your product or pricing data.
Ruby reads only publicly accessible product pages on the public internet. It does not use any private API, restricted endpoint, or marketplace credential.
2. Data we collect and where it goes
Ruby collects minimal data. The table below explains exactly what is collected, why, and where it goes. Everything not listed here is not collected.
| Data | Purpose | Stored where | Sent externally? |
|---|---|---|---|
| Username | License verification | Your browser only (chrome.storage.local) |
Yes — to our activation server, once per 7 days |
| License key | License verification | Your browser only (chrome.storage.local) |
Yes — to our activation server, once per 7 days |
| Watchlist (starred ASINs) | Continuous background monitoring | Your browser only | Never |
| Snapshot history | Power the 24h / 7d Timeline view | Your browser only | Never |
| Event log (open & resolved) | Render the side panel Action Required cards and recent activity | Your browser only | Never |
| Quiet hours setting | Pause notifications overnight | Your browser only | Never |
| Keep-awake preference | Optional — keep Chrome alive while screen is locked | Your browser only | Never |
| Speed / risk preference | Remember your last setting | Your browser only | Never |
| Competitor site selectors (Teach Ruby) | Read prices from sites you teach Ruby | Your browser only | Never |
| Price / product data | Used in-session for the results table; persisted only as anonymous snapshots for the Timeline | Your browser only | Never |
| Browsing history | Not collected | — | Never |
3. License activation
When you enter your username and license key to activate Ruby, those two values are sent via HTTPS to our activation server (hosted on Google Apps Script) to verify your access. The server returns only a true/false response confirming whether the credentials are valid.
- Your credentials are not stored on our server beyond the verification response.
- The result is cached locally in your browser for 7 days to avoid repeated network calls.
- After 7 days, Ruby silently re-validates your key in the background.
- If validation fails, you are prompted to re-enter your credentials.
4. How Ruby accesses websites
Ruby opens product pages in background browser tabs to read prices on your behalf. These tabs are pinned (shown as a small favicon-only square at the edge of your tab strip) so they are visually unobtrusive.
Ruby accesses the web in two distinct modes — please read each carefully:
4.1 On-demand checks
When you click Check ASINs or upload a file, Ruby opens a queue of tabs at your selected speed (1–5 in parallel), reads each listing, and closes the tab. This is the same model as v6.x and only runs when you trigger it.
4.2 Background heartbeat (new in v7)
If you star one or more ASINs in your Watchlist, Ruby enables a background heartbeat that re-checks each starred ASIN on a rotating cadence (Calm: 90–180s, Balanced: 30–120s, or Aggressive: 10–30s between ticks). The heartbeat:
- Runs only when you have at least one starred ASIN and the master Watch toggle is on.
- Pauses during your configured Quiet Hours (default 23:00–07:00).
- Pauses while your system is idle (no input for several minutes), unless you explicitly opt out.
- Reuses a single pinned background tab (favicon-only) and navigates it through each starred ASIN in turn.
- Stops the moment you remove all stars or toggle Watch off.
In both modes:
- Ruby reads only publicly visible price, seller, and stock information on the page.
- Ruby does not record, store, or transmit any other page content.
- Ruby does not collect cookies, session tokens, or login credentials.
- Ruby does not access any private or authenticated area of any website.
5. Browser permissions Ruby requests
Ruby asks Chrome for the minimum set of permissions required for the features above. Each is listed here with the feature it enables.
- tabs & scripting — open background pinned tabs and run the price extractor inside them.
- storage — keep your watchlist, settings, history, and license cache locally on your device.
- notifications — surface critical events (FOD, OOS, 1P takeover, price reduction) to your OS.
- alarms — wake the heartbeat on a jittered cadence between checks.
- downloads — write Excel exports to your chosen folder.
- sidePanel — render the persistent side panel at the edge of Chrome.
- idle — detect when your system is idle so the heartbeat can pause politely.
- power — only used if you explicitly enable the "Keep checking when device is locked" toggle. Issues
chrome.power.requestKeepAwake('system')so the CPU stays available while the screen locks. Released as soon as the toggle is off. - Host permissions — Ruby ships with permission for six preset marketplace sites (amazon.sa, almanea.sa, saco.sa, noon.com, swsg.co, blackbox.com.sa, trendyol.com), plus Google and Bing for search-link lookups. For any other site you add via Teach Ruby, Chrome will explicitly prompt you for permission the first time Ruby tries to read it.
6. Local storage
Ruby stores the following data locally in your browser using chrome.storage.local. None of this data is ever transmitted off your device.
- Your license key, username, and a tamper-detection token (for the 7-day cache).
- Your Watchlist (starred ASINs, enabled/paused state, last-tick timestamp).
- Per-ASIN snapshot history used by the Timeline view (price, seller, stock state, deal flag at each check, capped in size).
- The event log (open and resolved alerts shown in the side panel).
- Your quiet hours, risk profile, keep-awake preference, and other settings.
- Competitor site selectors you taught Ruby (one entry per domain).
- The last output file handle for auto-save mode, stored locally via your browser's File System Access API.
You can clear all stored data at any time by removing the extension or clearing Chrome's extension storage via the browser settings.
7. Desktop notifications
When Ruby detects a critical event for one of your starred ASINs, it asks Chrome to display a desktop notification through your operating system. Notifications contain only the ASIN and a short description (for example, "FOD" or "Price dropped"). They never contain other personal data. Clicking a notification opens the relevant ASIN's timeline in the Ruby UI.
You can disable notifications at any time through Chrome's site/permission settings, or by toggling Watch off in the side panel.
8. Keep-awake while locked (opt-in)
Ruby includes an opt-in setting called Keep checking when device is locked. When enabled, Ruby asks your operating system (via chrome.power.requestKeepAwake('system')) to keep the CPU available while your screen is locked, so the heartbeat can keep ticking overnight. This setting:
- Is off by default. It must be explicitly enabled in Settings.
- Has no effect on the data Ruby reads or stores.
- Does not prevent the display from locking, dimming, or turning off.
- Releases the keep-awake request as soon as you toggle the setting off.
- Will be re-applied after each Chrome restart if the setting is still on.
9. Access request and support forms (Tally)
The Request Access and Support buttons in Ruby open forms hosted on Tally.so. When you submit those forms, Tally may collect your name, email address, and any other information you type. This data is handled by Tally under their own privacy policy, which you can read at tally.so/privacy. KeyLabz uses the submitted information solely to grant and manage access to Ruby and to respond to your support requests.
10. Third-party services
- Google Apps Script — hosts our license activation endpoint. Google's privacy policy applies to that request.
- Tally.so — hosts our access request and support forms.
- Google Fonts — used on this marketing website only (not inside the extension). Fonts are loaded from Google's CDN.
Ruby does not use any analytics, advertising, or tracking services inside the extension. No SDK collects telemetry. No service-worker beacon reports usage.
11. Data sharing
KeyLabz does not sell, rent, or share your personal data with any third party for advertising, marketing, or any purpose other than operating the license verification described above. We do not use your data to build profiles or for any purpose beyond what is described in this policy.
12. Data retention
The data Ruby stores in chrome.storage.local is retained until you remove the extension or clear the storage manually. Our activation server does not retain your credentials beyond the verification response. If you revoke your access, your key will fail validation on the next 7-day cycle and you will be logged out automatically.
Snapshot history is capped per ASIN and rotates as new snapshots arrive — Ruby does not accumulate unbounded history.
13. Your rights
You can delete all locally stored data by removing the extension from Chrome. If you submitted a Tally form and wish to request deletion of that data, contact us using the form below and we will process your request within 30 days.
14. Changes to this policy
We may update this policy as Ruby evolves. When we make material changes, we will update the "Last updated" date at the top of this page. Continued use of Ruby after a policy update constitutes acceptance of the revised terms.
15. Contact
If you have any questions about this privacy policy or how Ruby handles your data, please contact us.
Questions about privacy or your data?
Contact Support