Website Privacy Policy

Introduction

Squarehead operates a main website, and occasionally associated sub-sites. Information that you provide through the websites may be recorded in different ways, and this policy describes Squarehead's policy for handling that. By using this website you agree to this policy.

Intent

The information you provide is intended to be used in the context of the website and the activities Squarehead undertakes, and it's not intended to be used outside that context.

Information Collected

Account information

Where a registration facility is available, your details will be recorded and used to identify you in order to provide appropriate access to resources.

Application information

Other data may also be recorded (comments, contact information), which will be used in the context of the associated application.

Networking information

The Internet works by sending information between servers and clients (eg browsers) identified with 'IP Addresses'. The IP addresses are logged together with time, page requested and browser type as part of the site's normal operation, and are used to record general activity on the site. No direct personal information is stored.

Location

All data is stored in the UK (except for a Twitter guest cookie and as mentioned in Google Analytics below, and email list subscription and management information - which is stored in the US).

Google Analytics

The website uses Google Analytics to determine how the site is used. Here is Google's description of the privacy aspect of that:

"This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above."

Other Sites

The websites may contain links to other websites. We're obviously not responsible for the privacy policies of those sites.

Last updated: 23rd January 2026

This Privacy Policy explains how the Code Backup Panel Chrome extension (“the extension”, “we”, “our”) handles data.

What the extension does

The extension allows users to back up and manage custom CSS from Squarespace websites and store those backups in their own Google Drive account.

Information we access

The extension may access the following:

  • Google Account information
    Used only to authenticate the user via Google OAuth.

  • Google Drive files created by the extension
    Used to store CSS backup files owned and controlled by the user.

  • Website content (CSS)
    Accessed only when the user actively runs the extension on a Squarespace site.

How information is used

Information is used solely to:

  • Authenticate the user

  • Create, read, and manage CSS backup files in the user’s Google Drive

  • Store extension preferences locally in the browser

Data storage

  • CSS backups are stored only in the user’s own Google Drive

  • Extension settings are stored locally using Chrome’s storage API

  • We do not store user data on our own servers

Data sharing

We do not:

  • Sell user data

  • Share user data with third parties

  • Use data for advertising or tracking

Data is only shared with Google services as required for authentication and file storage.

Permissions explanation

The extension requests permissions strictly required for its functionality:

  • Google identity for sign-in

  • Google Drive access to store backups

  • Browser permissions to interact with the active Squarespace tab

No permissions are used outside of their intended purpose.

Data retention

All backup files remain in the user’s Google Drive until the user chooses to delete them.
Local extension data can be removed at any time by uninstalling the extension.

Security

We rely on Google’s OAuth and Drive security systems. The extension does not transmit data to external servers.

User control

Users can:

  • Revoke Google access at any time via their Google Account settings

  • Delete backup files from Google Drive

  • Uninstall the extension to remove all local data

Changes to this policy

This policy may be updated from time to time. Any changes will be posted on this page.

Contact

If you have questions about this policy or the extension, contact us at:

Email: hello@squarehead.co.uk
Website: squarehead.co.uk

Last updated: February 23, 2026

This section covers the Squarespace Asset Library Downloader Chrome extension ("the Extension"), developed and maintained by Squarehead (Made by Dave Group Ltd).

What the Extension Does

The Extension adds download buttons to the Squarespace Asset Library (located at yoursite.squarespace.com/config/asset-library). It allows Squarespace users to download their own images at full resolution and convert HLS video streams to MP4 files directly within the browser. The Extension only operates on Squarespace Asset Library pages and does not run on any other websites.

Email Address Collection

When you first install the Extension, you are asked to verify your email address via a one-time passcode (OTP). We collect your email address for the following purposes:

  • To verify access to the Extension and prevent unauthorised use.

  • To send you marketing communications about Squarehead products, services, courses, and updates that we believe may be of interest to you.

By entering your email address and completing the verification process, you consent to receiving marketing emails from Squarehead (Made by Dave Group Ltd). You can unsubscribe from marketing emails at any time by clicking the "Unsubscribe" link included in every email we send, or by contacting us at dave@madebydave.org.

Your email address is stored securely using Supabase (hosted infrastructure) and is not sold, rented, or shared with any third parties.

Information the Extension Accesses

The Extension requires the following browser permissions to function:

  • Storage - To save your preferences (e.g., whether download buttons are enabled or disabled) and your email verification status locally in your browser.

  • Active Tab - To inject download buttons into the Squarespace Asset Library page you are currently viewing.

  • Downloads - To save downloaded images and converted MP4 video files to your computer.

  • Web Request - To intercept HLS video stream URLs from Squarespace's CDN so they can be converted to downloadable MP4 files.

  • Cookies - To read your Squarespace authentication cookie, which is required to authorise video stream requests on your behalf.

What the Extension Does NOT Do

  • It does not collect, transmit, or store any of your Squarespace account credentials (passwords, API keys, or login tokens) to any external server.

  • It does not track your browsing activity, browsing history, or behaviour on any website.

  • It does not access or modify any Squarespace website content, settings, or configuration.

  • It does not run on any page outside of the Squarespace Asset Library.

Downloaded Files

All file downloads (images and videos) are processed entirely within your browser and saved directly to your computer. No downloaded files pass through our servers. Squarehead (Made by Dave Group Ltd) accepts no responsibility or liability for the content of files you download, how you use those files, or any copyright or licensing obligations that may apply to those files. It is your responsibility to ensure you have the right to download and use any assets obtained through the Extension.

Data Storage and Security

  • Your email address is stored on secure, encrypted infrastructure provided by Supabase.

  • Your Extension preferences are stored locally in your browser using Chrome's sync storage.

  • No personal data is stored on Squarehead's own servers.

  • All communication between the Extension and our verification service is encrypted via HTTPS.

Third-Party Services

The Extension uses the following third-party services:

  • Supabase (supabase.com) — For email verification and subscriber data storage. Supabase's privacy policy applies to data stored on their platform.

  • Resend (resend.com) — For delivering verification and marketing emails. Resend's privacy policy applies to email delivery.

Your Rights

You have the right to:

  • Unsubscribe from marketing emails at any time.

  • Request deletion of your email address from our records by contacting dave@madebydave.org.

  • Access the personal data we hold about you by contacting us at the same address.

Limitation of Liability

The Extension is provided "as is" without warranty of any kind. Squarehead (Made by Dave Group Ltd) is not responsible for any loss, damage, or legal liability arising from your use of the Extension or from files downloaded using it. This includes but is not limited to copyright infringement, data loss, or any issues arising from changes to the Squarespace platform that may affect the Extension's functionality.

Changes to This Policy

We may update this privacy policy from time to time. Any changes will be reflected on this page with an updated "Last updated" date.

Contact

If you have questions about this privacy policy or the Extension, contact us.