Privacy Policy
Profile Stats — Chrome Extension
Last Updated: May 20, 2026Privacy at a Glance
Profile Stats reads only the publicly visible data on the OnlyFans profile page you have open — the same numbers any visitor sees. We store an email for your account, the public metrics (fans, posts, likes, etc.) of every profile you score so the leaderboard works, and any private notes you write inside the extension. No DMs, no paid content, no credentials.
1 Introduction
Welcome to the Profile Stats Privacy Policy. This document explains exactly what data Profile Stats reads, what we store on our servers, who we share with, and what control you have. Profile Stats is a Chrome extension built around a single idea: the OnlyFans profile page already shows everything you need to evaluate a creator — we just package it into a score, a leaderboard and useful analytics.
The extension does not log into your OnlyFans account, read DMs, decrypt paid content, or interact with anything that isn't publicly visible on the profile page you have open.
2 Data We Collect
Three categories of data — account, public profile metrics, and user-generated content:
| Data Type | Purpose | Storage |
|---|---|---|
| Email address | Sign-in, password reset, receipt delivery | Secure Server |
| Password (hashed) | One-way bcrypt — we never see the plaintext | Secure Server |
| Public profile metrics | Handle, avatar URL, fans, likes, posts/videos/photos/streams counts, subscribe price, join date, comments-enabled flag, detected social links — for every profile you score. Powers the Top Models leaderboard. | Secure Server |
| Notes & tags | Private text and coloured tags you write inside the extension — only you can read them | Secure Server |
| Alerts history | Anomaly notifications (fan surge/drop, score change) generated locally and synced to your account | Secure Server |
| Subscription state | Active plan, expiry date, payment provider used | Secure Server |
| Extension settings & UI state | Language, filter preferences, sort order, draft notes | Local Only |
3 Data We DO NOT Collect
We never see, request, or store any of the following:
- Your OnlyFans login credentials or session cookies
- DMs, mass messages, or any chat content
- Paid PPV / locked content, photos, or videos
- Earnings, payouts, or any creator-side financial figures
- Subscriber lists, fan emails, or follower personal data
- Browsing history outside the OnlyFans profile pages you open
- Tracking pixels, behavioural fingerprints, or third-party analytics
- Card information (we accept crypto only via NOWPayments)
4 How We Use Your Information
The limited data we collect is used exclusively for:
- Authenticating your account and verifying license status
- Providing customer support when you contact us
- Sending important service-related notifications
- Improving extension functionality and user experience
5 Chrome Extension Permissions
Our extension requires specific browser permissions to function. Here's what each permission does:
activeTab
Access the current tab's content only when you click the extension. We only interact with OnlyFans pages.
storage
Store your extension preferences and custom values locally in your browser. Data never leaves your device.
scripting
Inject visual modifications into the page DOM. This is how we change displayed values on the page.
alarms
Schedule periodic license checks to verify your subscription status. Runs in the background with minimal resource usage.
Host Permission
Limited to onlyfans.com only. The extension cannot access or modify any other websites.
6 Third Parties We Share With
We do not sell, trade, or share your personal data with advertisers. The only sub-processors we use are operational vendors required to deliver the service:
| Provider | Purpose | Data shared |
|---|---|---|
| Railway | Backend hosting & PostgreSQL database | All account & usage data above |
| Resend | Transactional email (welcome, password reset) | Email address only |
| NOWPayments | Crypto payment processing (USDT) | Invoice metadata — we never see your wallet |
| xAI | AI-written verdict for the profile being viewed | Public profile metrics of the model being viewed |
No data is shared with any other party except when legally compelled by valid legal process.
7 Data Security
We implement industry-standard security measures to protect your data:
- All communications are encrypted using HTTPS/TLS
- Passwords are hashed using bcrypt with salt rounds
- Server infrastructure is secured with modern security practices
- Regular security audits and vulnerability assessments
- Rate limiting to prevent brute-force attacks
8 Your Rights (GDPR & CCPA)
You have the following rights regarding your personal data:
Right to Access
Request a copy of your personal data
Right to Rectification
Correct inaccurate personal data
Right to Erasure
Request deletion of your data
Right to Restrict
Limit processing of your data
Right to Portability
Export your data in standard format
Right to Object
Object to processing of your data
To exercise any of these rights, please contact us at support@profilestats.pro.
9 Children's Privacy
Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.
10 Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically. Your continued use of the extension after any changes constitutes acceptance of those changes.
Questions or Concerns?
We're here to help with any privacy-related questions.