Privacy manifesto
Why Vidora will never sell your data
In 2025, twelve TikTok downloader extensions were caught infecting 130 thousand users with credential harvesters and remote backdoors. Most popular Chrome video downloaders ask for "read all data on all websites" without telling you why. This page exists so you can verify, line by line, what Vidora collects, what it does not, and how to turn the rest off.
What Vidora never does
- Never uploads your videos to our servers. Downloads go from the platform CDN straight to your disk. We have no infrastructure capable of storing user video content.
- Never sends URLs, titles, or page contents. Telemetry uses platform tokens (vimeo, skool, hls, etc.), not the actual URL or title of any video you watched.
- Never injects ads, affiliate links, or third-party scripts. The popup contains only video cards and download buttons. There is no analytics SDK loaded into your browser.
- Never persistent user IDs. Our session ID is regenerated each service worker start, lives in memory only, and is not correlated across sessions.
- Never sells data to brokers. RGC Digital LLC has no business relationship with any data broker. Vidora is currently free during the launch period and has no payment flow at all.
What Vidora actually collects (and you can disable)
Four categories of telemetry, all anonymous, all opt-out via a single toggle in the options page.
- Usage events. Counters like "popup_opened", "download_completed", "scan_started". No URL, no title. Sent in batched daily digests.
- Error reports. When a download fails, we receive platform token, engine (hls/dash/direct), stage (preflight/segment-fetch/mux), error class category, retry count. Never the URL. Throttled to 30 reports per day per device.
- Slow download signals. When a download takes 60+ seconds for a large file, we receive duration plus size bucket so we can identify CDN bottlenecks. No URL, no title.
- User feedback. Only when you explicitly click Send Feedback and type a message. Your email is optional. This endpoint is the only path that touches data you authored, and it is opt-in by definition.
How to verify these claims yourself
Verification matters more than promises. Three ways to check, all in under 5 minutes.
- Open Chrome DevTools. Right click the Vidora icon, Inspect popup. Switch to Network. Use the extension normally. You will see requests to api.getvidora.com with payload bodies you can read in clear.
- Read the manifest. Open chrome://extensions, click Vidora, Details, Permissions. The full list is documented and matches our description above. No surprises.
- Disable telemetry. Options page, Privacy section, toggle off. From that second, zero events leave your browser. The toggle is respected by all four telemetry endpoints, not just usage events.
Why this matters in 2026
Chrome extensions are the new browser plugins, and they sit in the same trust position. A video downloader extension has, by design, access to the network traffic of every site you visit. That privilege is too valuable to abuse. The 2025 wave of malicious TikTok downloaders proved the obvious: most users assume an extension on the Chrome Web Store has been vetted, and most have no way to verify the claims a developer makes. Vidora exists to prove that a Chrome extension with a transparent codebase and a single-developer LLC can compete with adware on user experience while never crossing the privacy line.