Back

Privacy Policy

Effective date: May 2026

The short version

TL;DR

  • Mapiris has no servers and no backend. Your data never touches us — because there is no "us" to touch.
  • Your API key is stored only on your device. Your analysis results are stored only on your device. Nothing is sent to Mapiris.
  • The only data that leaves your browser is the review text — sent directly from your browser to the AI provider you chose. Not to us.

Everything below explains this in more detail. It is deliberately short. If something is unclear, email business@mapiris.com.

What Mapiris does not collect

None of the following data is collected, processed, or stored by Mapiris — not on a server, not in a database, not anywhere outside your own device:

No personal data. We do not know who you are. There are no user accounts, no sign-ups, and no profiles.

No analytics or telemetry. We do not track which places you look up, how often you use the extension, or anything about your browsing.

No cookies. This website sets no cookies. The extension uses chrome.storage.local — a local, on-device API — not cookies.

No API key logs. Your key is stored locally on your device. It is never transmitted to Mapiris.

No crash reports or error logs. We receive no automatic feedback of any kind from the extension.

How data flows

Mapiris works on a Bring Your Own Key (BYOK) model. Here is the complete picture of what happens when you hit Analyze:

Reviews are extracted from the Google Maps DOM — the page you already have open in your browser. The extension reads that text locally, then sends it directly to the AI provider you configured. The request goes from your browser to the provider's API. Mapiris is not in that path. There is no Mapiris server, no proxy, and no relay.

No servers in the middle. Your browser calls the AI directly.

Your API key

When you paste an API key into Mapiris, it is saved using chrome.storage.local with a lightweight XOR obfuscation to reduce its visibility in plain storage inspections. It is never transmitted to any Mapiris server — because there is no Mapiris server for it to be transmitted to.

The key is used only to authenticate the request your browser sends to the AI provider. You can delete it at any time from the extension settings, which clears it from local storage entirely.

Keep your API key private. Treat it like a password. Anyone with your key can make calls to the AI provider at your expense.

Data stored on your device

Mapiris stores the following data locally on your device using chrome.storage.local. None of it is synchronized or sent anywhere:

Uninstalling the extension removes everything stored in chrome.storage.local for Mapiris.

Extension permissions

Mapiris requests the minimum permissions it needs to work. Here is what each one does:

activeTab

Grants access to the URL and tab ID of the current tab only when you click the extension. Without this, Mapiris cannot detect whether you're on a Google Maps place page.

scripting

Allows Mapiris to inject its review-reading script into the Google Maps tab if it wasn't loaded at page open (e.g. tabs opened before the extension was installed). Only runs on google.com/maps pages.

storage

Saves your settings, API key, and last analysis result locally on your device. No data leaves the device via this permission.

google.com/maps

Allows Mapiris to read review text from the Google Maps page DOM. Mapiris only reads — it never modifies the page or your Google account.

AI provider endpoints

The only outbound network requests Mapiris makes. Review text is sent directly from your browser to the AI provider's API. This is the only data that leaves your device, and it goes to the provider you chose — not to Mapiris.

Third-party AI providers

When you run an analysis, the review text extracted from Google Maps is sent to the AI provider you configured:

Groq Google Gemini OpenAI Anthropic

These providers receive the review text as part of a standard API prompt. Their own privacy policies govern how they handle that data. Mapiris is not responsible for third-party data practices. Before choosing a provider, read their privacy policy — especially if you are analyzing places that could be linked to sensitive personal decisions.

Mapiris also reads reviews from Google Maps. Mapiris is not affiliated with Google, endorsed by Google, or approved by Google. Accessing publicly visible review text on Google Maps is the sole purpose of the google.com/maps permission.

By using an AI provider you are subject to that provider's terms of service and privacy policy. Mapiris has no control over, and no visibility into, how providers store or use the data you send them.

GDPR

The General Data Protection Regulation applies to the collection and processing of personal data. Because Mapiris collects no personal data on its own servers — or on any servers at all — there is little to say here beyond the obvious:

There is no personal data to request, correct, export, or delete from Mapiris's side. We hold nothing on you. If you want to remove the data the extension stored on your own device, go to the extension settings and click "Reset", or uninstall the extension.

If you believe a third-party AI provider has handled your data in a way that implicates GDPR, you should contact that provider directly.

Changes to this policy

If this policy changes, the effective date at the top of this page will be updated. We will not send notifications — check this page if you want to stay current.

Because Mapiris collects no personal data, changes to this policy are unlikely to affect you in any meaningful way. The core commitment — no servers, no data collection — is a product architecture decision, not just a policy statement.

Contact

Questions about this policy? Email the Mapiris developer at contact@mapiris.com.

There is no legal entity behind Mapiris yet. It is an independent project maintained by a single developer.