Last updated: June 2, 2026
This policy applies to HF Tools Notification Bridge and the HF Tools Realtime Helper browser extension.
Single purpose
The service syncs a user's authenticated Hack Forums realtime notification session to the user's own HF Tools bridge account so Hack Forums notifications can be delivered privately to the user's linked Telegram or Discord account.
Data collected
- Personally identifiable information: Hack Forums user ID and username, plus linked Telegram or Discord account identifiers used for notification delivery.
- Authentication information: Hack Forums session cookies needed to connect the user's realtime notification session.
- Personal communications: notification titles and message previews related to private messages, private convo messages, quotes, mentions, replies, and contract updates.
- Website content: Hack Forums notification text, thread/message titles, page links, and realtime metadata needed to identify and deliver notifications.
Data not collected
The service does not collect health information, financial or payment information, precise location, unrelated web browsing history, or user activity such as keystrokes, mouse movement, or general tab monitoring.
How data is used
Data is used only to connect the user's Hack Forums account, sync realtime notification access, deliver notifications to linked Telegram or Discord destinations, troubleshoot setup issues, and protect the bridge from abuse.
Sharing and transfers
HF Tools does not sell user data. Data is not transferred for advertising, creditworthiness, lending, or unrelated purposes. Notification content is sent to Telegram or Discord only when the user links that destination for private delivery. Hosting and infrastructure providers may process data only as needed to operate the service.
Storage and retention
Bridge account, destination, and realtime sync records are kept while the user uses the bridge. Temporary setup tokens are used during account linking. Users can stop future extension syncing by removing or disabling the extension and can request bridge data removal through the support page.
Security
Sync requests are sent over HTTPS. Sensitive session values are stored encrypted by the bridge. Users should never send passwords, cookies, API secrets, bot credentials, or bridge setup tokens in a support request.
Chrome Web Store Limited Use
The use and transfer of information received from Chrome extension permissions complies with the Chrome Web Store User Data Policy, including the Limited Use requirements.