Privacy Policy for WAOPS (WhatsApp AI CRM, Translate & Chat Sync)
Last Updated: March 24, 2026
Summary: WAOPS (WhatsApp AI CRM, Translate & Chat Sync) is designed with a "Local-First"
architecture. We do not collect, store, or share your chat history, contacts, or API keys on our servers.
Most data remains in your browser unless you actively use AI or translation features that call third-party
services.
1. Data Collection & Storage
WAOPS operates locally within your Chrome browser.
- Chat History: Synchronized chat data, AI analysis results, translation results, and
related metadata are stored in your browser storage (
chrome.storage.local). They are never
uploaded to WAOPS servers.
- API Keys & Settings: Your API keys, custom endpoint settings, and related configurations
are stored locally in your browser. API keys are encrypted at rest with AES-GCM before being persisted.
They are never sent to WAOPS servers.
2. Use of AI and Translation Services
WAOPS can analyze and translate chats using a mix of browser-local capabilities and third-party services.
- Browser-Local Processing: When Chrome built-in AI features are available, some analysis or
translation requests may be processed locally in the browser.
- Network Providers: When you use network-based AI or translation, the extension sends the
relevant text to the selected provider endpoint, such as Google Translate, Google Gemini,
OpenAI-compatible endpoints, Anthropic, DeepSeek, or a custom HTTPS endpoint that you configure.
- No WAOPS Relay: These requests are sent from your browser or the extension background
service worker and do not pass through WAOPS servers.
- Provider Policies: Third-party providers may receive standard request metadata, such as IP
address and user agent, and their handling of data is governed by their own privacy policies.
3. Remote Configuration
WAOPS fetches a remote JSON config from https://api.aeosub.cloud/waops/config.json to update
selectors and prompt templates. This file contains configuration data only and is not executable code. Like
any HTTPS request, this server may receive standard technical metadata such as IP address and user agent.
4. Permissions
We request the absolute minimum permissions necessary for functionality:
- scripting: Required to inject the WAOPS sidebar into WhatsApp Web.
- storage / unlimitedStorage: Required to persist synced chat data and user settings locally.
- permissions: Required to request runtime access for user-defined custom AI endpoints.
- declared host permissions: Required for WhatsApp Web, remote configuration, built-in AI
provider endpoints, and Google Translate.
- optional host permissions: Used only when you choose a custom HTTPS endpoint. Localhost and
private-network targets are blocked.
5. User Controls
- You can clear all locally stored WAOPS data from the Settings screen.
- You can remove API keys at any time.
- You can deny or revoke optional host permissions from Chrome's extension management page.
6. Contact Us
If you have questions about this policy, please contact us at: senluoyunhai@gmail.com
Official Website: https://aeosub.cloud
7. Chrome Web Store User Data Policy
The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy,
including the Limited Use requirements.