Last updated: April 2026 · FaxSeal
The FaxSeal Chrome extension requests the following permissions: activeTab (to read the current page URL and capture a screenshot of the visible area when you trigger the Select Region feature), scripting (to open the print dialog when you choose Save as PDF), storage (to save your authentication token and default fax number locally), downloads (to save a PDF to your Downloads folder), and tabs (to identify the active tab). The extension never runs in the background, never reads page content without your explicit action, and never accesses pages you have not opened. Data collected by the extension: • Authentication token — stored in chrome.storage.sync (synced across your signed-in Chrome profile) to authenticate fax send requests. Never shared with third parties. • Default fax-to number — stored in chrome.storage.sync at your request for convenience. Optional; never transmitted unless you send a fax. • Recent fax history — last 2 sent faxes (recipient number, timestamp, tracking URL) stored in chrome.storage.sync for display in the popup. No content is stored. • Screenshots — captured only when you explicitly drag to select a region. The image is held temporarily in chrome.storage.session (cleared when the browser session ends) and uploaded to faxseal.com solely to convert it to a PDF for faxing or download. Screenshots are deleted from our servers within 7 days under the same document retention policy as other uploaded files. • Current page URL — read from the active tab to display in the popup and to fax the page. Not stored or transmitted beyond the fax request itself. No browsing history, keystrokes, form data, or any other page content is ever collected.
When you send a fax we collect: the recipient fax number, your optional email address, and the PDF document you upload. If you create an account via Google or email sign-in, we store your name and email address. We do not collect payment card details — all payments are processed by Stripe.
We use your information solely to deliver your fax and send a delivery receipt to your email if you provided one. Account holders can view their fax history and manage contacts. We do not sell, rent, or share your information with third parties for marketing.
Uploaded PDF files are stored temporarily for the purpose of transmission and deleted automatically within 7 days of fax delivery, failure, or expiry. Guest signed PDFs (no account) are deleted within 72 hours. Signed PDFs saved to your account are retained until you delete them from your documents library. We do not use document contents for any purpose other than completing your requested transmission.
FaxSeal provides an API that allows third-party services — including automation platforms (such as Zapier or Make), AI assistants (such as ChatGPT custom GPTs), and custom code — to send faxes on your behalf using an API token you create. The fax recipient number and document transmitted via these integrations are handled identically to data submitted through the web app. FaxSeal has no visibility into how a third-party tool collects or processes your data before calling our API — please review the privacy policy of any tool you connect. API tokens can be created and revoked at any time from your dashboard. Faxes sent via API are billed to the credits associated with the token and appear in your fax history.
We use Stripe for payment processing, SignalWire for fax transmission, and Google for optional OAuth sign-in. Each of these services has their own privacy policy. We share only the minimum data necessary with each provider (e.g. fax number with SignalWire, email with Stripe). VA Facilities API: FaxSeal retrieves VA Medical Center and VA health facility contact information from the US Department of Veterans Affairs Facilities API to display fax numbers in our VA hospital directory. We do not send any user data to this API — it is a read-only public data source. FaxSeal is not affiliated with or endorsed by the US Department of Veterans Affairs. Optional cloud storage integrations: you may import a PDF directly from Dropbox or Google Drive when sending a fax. If you use Dropbox import, the selected file is temporarily downloaded through our servers solely to validate and transmit it, then discarded within 7 days under the same document retention policy above. If you use Google Drive import, the file is downloaded directly in your browser using your Google OAuth token — that token and the file contents are never sent to FaxSeal's servers. We do not store, index, or retain any access to your Dropbox or Google Drive accounts beyond the single file you explicitly select for each fax.
If you sign in, we set a secure, httpOnly session cookie to keep you authenticated. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.
Fax job records (to number, status, tier, timestamp) are retained for up to 90 days for support purposes and then deleted. Account holders can request deletion of their account and associated data at any time via our contact form at faxseal.com/contact.
All data in transit is encrypted via TLS. Database connections use SSL. Payment data never touches our servers — Stripe handles all card processing under PCI-DSS compliance.
For privacy questions or data deletion requests, use our contact form at faxseal.com/contact.