privacy | Ascent HI

Ascent HI

Chrome Extension

Effective Date: March 21, 2026 | Version 1.0

CHROME WEB STORE COMPLIANCE STATEMENT This document has been prepared in full compliance with the Chrome Web Store Developer Program Policies (last updated May 22, 2025), the Chrome Web Store User Data Policy (Limited Use requirements), and applicable privacy laws including GDPR (EU/EEA), CCPA (California), and PIPEDA (Canada). This package contains: (1) the full Privacy Policy for publication, (2) the Single Purpose Description, (3) individual permission justification statements for all manifest permissions, and (4) the Limited Use Compliance Disclosure.

PART 1: PRIVACY POLICY

Publish this policy at your public URL (e.g. https://ascenthi.com/privacy) and link to it in the Chrome Web Store Developer Dashboard.

ASCENT HI CHROME EXTENSION

Effective Date: March 21, 2026 | Last Reviewed: March 21, 2026

1. Introduction and Scope

This Privacy Policy ("Policy") describes how LightSkai LLC, operating the Ascent HI platform ("Ascent HI," "we," "our," or "us"), collects, uses, stores, discloses, and protects information in connection with the Ascent HI Chrome Extension (the "Extension"). This Policy applies to all users of the Extension installed through the Google Chrome Web Store.

The Extension is a professional AI-powered sales coaching tool that enables sales professionals and their coaches to record, submit, and analyze sales conversations directly from their web browser without leaving their current workflow. The Extension operates as a side panel within Google Chrome.

By installing and using the Extension, you agree to the collection and use of information in accordance with this Policy. If you do not agree to this Policy, please do not install or use the Extension.

CHROME WEB STORE LIMITED USE DISCLOSURE (Required) The use of information received through the Ascent HI Chrome Extension will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements. User data is used solely to provide the core recording and AI coaching analysis features described in this Policy and in the Extension's Chrome Web Store listing. Data is never sold, transferred to data brokers, used for advertising, or used to determine creditworthiness.

2. Who We Are — Data Controller Information

Field

Details

Legal Entity

LightSkai LLC

Product Name

Ascent HI Chrome Extension

Platform

LightSkai (white-label coaching platform)

Primary Contact

privacy@lightskai.com

Support Contact

support@lightskai.com

Infrastructure Region

EU (eu-central-1, Frankfurt) — production; us-east-2 (Ohio) — development

Data Processor

Amazon Web Services (AWS) — EU-based infrastructure for production data

For users in the European Economic Area (EEA) or United Kingdom, LightSkai LLC acts as the Data Controller under the General Data Protection Regulation (GDPR) and UK GDPR respectively. For users in California, LightSkai LLC is a Business under the California Consumer Privacy Act (CCPA) as amended by the CPRA.

3. Who This Extension Is For

The Ascent HI Extension is designed exclusively for:

Sales professionals (sales representatives, account executives, business development representatives) who are active clients of a LightSkai-powered coaching subscription
Sales managers and executives enrolled in a coaching program through a licensed LightSkai coach
The Extension is not intended for general public use. To use the coaching features, users must have an active account created and provisioned by a licensed LightSkai coach.

IMPORTANT: The Extension does not allow self-registration. All user accounts are created and managed exclusively by licensed coaches through the LightSkai platform. Users cannot create accounts directly through the Extension.

4. Data We Collect — Complete Inventory

We collect only the minimum data necessary to provide the Extension's core functionality. The following is a comprehensive inventory of all data collected, organized by category.

4.1 Authentication and Account Data

When you sign in to the Extension, we collect:

Email address — used as your unique account identifier for Cognito authentication
Amazon Cognito ID token (JWT) — a cryptographic token containing your user ID (sub), email, role, subscription ID, and tenant ID; stored encrypted in chrome.storage.local
Amazon Cognito refresh token — used to maintain your session without requiring repeated sign-in; stored encrypted in chrome.storage.local
Amazon Cognito access token — used for API authorization; stored encrypted in chrome.storage.local

Authentication is performed using Amazon Cognito SRP (Secure Remote Password) protocol. Passwords are never transmitted to our servers in plaintext — they are used locally to perform the SRP challenge and never stored by the Extension.

4.2 Audio Recording Data

When you initiate a recording session, the Extension captures:

Microphone audio — audio from your physical microphone (your voice and ambient sounds within microphone range), captured using the Web Audio API via getUserMedia()
Tab audio (meeting platform audio) — the audio stream from the active browser tab you were on when you clicked the Extension icon to open the side panel. This captures all audio playing in that specific tab, which in a meeting context includes both your voice and remote participants' voices.
Mixed audio stream — the microphone and tab audio streams are mixed locally in your browser using the Web Audio API (AudioContext) and recorded as a single WebM/Opus audio file
Recording duration — the elapsed time of each recording session
Recording timestamp — the date and time the recording was created

KEY PRIVACY PRINCIPLE — LOCAL MIXING All audio mixing occurs entirely within your browser using the Web Audio API. Raw audio streams are never transmitted separately to our servers. Only the final mixed audio file is uploaded to our secure cloud storage (AWS S3) for analysis. No audio is processed or transmitted until you explicitly click the "Submit for Coaching" button.

Tab audio capture is strictly limited to the specific browser tab that was active when you clicked the Extension icon. The Extension cannot and does not access audio from any other tab, other browser windows, or your desktop audio outside of the designated meeting tab.

4.3 File Upload Data

If you upload a file for coaching analysis rather than recording, we collect:

The file itself — audio files (MP3, M4A, WAV, AAC, FLAC), video files (MP4, MOV, WEBM), or document files (PDF, DOCX, TXT) that you explicitly select and submit
File metadata — filename, file size in bytes, file type/MIME type
Upload preferences — whether to include video analysis (for video files), selected meeting type, and selected coaching playbook ID

Files are transmitted directly from your browser to Amazon S3 using time-limited presigned URLs over TLS 1.2+. File content is never routed through our application servers.

4.4 Coaching Job and Analysis Data

When a recording or file is submitted:

Job identifier — a unique ID assigned to each coaching session submission
Upload identifier — a unique multipart upload ID assigned by AWS S3
Coach association — your coach's user ID is associated with your submission so they can access and review your coaching session
Submission timestamp — when the job was submitted for analysis
Analysis outputs — AI-generated coaching feedback, scorecard results, coaching moments, and coaching insights produced by our AI pipeline (Anthropic Claude API) and stored in your coaching history

4.5 Branding and Configuration Data

When the Extension loads, it retrieves your coach's branding configuration from our API:

Coach display name, title, and profile photo URL
Coach's custom logo URL
Subscription plan details (plan type, credit balance)
This data is fetched on demand and is not stored persistently in the Extension.

4.6 Extension Preferences (Local Storage Only)

The following data is stored only in chrome.storage.local on your device and is never transmitted to our servers:

Dark/light theme preference
Whether the onboarding splash screen has been seen (boolean flag)
User mode selection (coach-linked or no-coach mode)
Whether no-coach mode was intentionally selected (boolean flag)

4.7 Data We Do NOT Collect

The following data is explicitly NOT collected by the Ascent HI Extension: • Browsing history or web browsing activity • Cookies from any website • Content of any webpage you visit • Keystrokes, form inputs, or passwords • Screen captures or screenshots • Video from your camera or webcam • Location data (GPS, IP-based, or otherwise) • Device fingerprinting information • Analytics or behavioral tracking data • Data from any tab other than the designated meeting tab • Audio from your device outside of active recording sessions • Payment or financial information • Health or biometric information

5. How We Use Your Data — Legal Basis and Purpose

We process your personal data for the following specific purposes, each grounded in a lawful basis:

Processing Purpose

Legal Basis / Justification

Authenticating your identity and maintaining your session

Contractual necessity — required to provide the service you have subscribed to

Storing authentication tokens between browser sessions

Contractual necessity — enables you to remain signed in without re-entering credentials on each launch

Uploading audio recordings and files to secure cloud storage

Contractual necessity and explicit user consent — you initiate each upload by clicking "Submit for Coaching"

Running AI analysis on submitted audio/files

Contractual necessity — the AI coaching analysis is the core service you and your coach have subscribed to

Displaying your coach's branding and profile information

Contractual necessity — required to personalize the coaching relationship and identify your coach

Displaying your credit balance and plan information

Contractual necessity — required to inform you of available coaching sessions

Displaying coaching history and analysis results

Contractual necessity — the primary deliverable of the coaching service

Storing theme and onboarding preferences locally

Legitimate interest — improves user experience without processing personal data on our servers

Security monitoring and abuse detection

Legitimate interest — protects the integrity of the platform and all users

Compliance with legal obligations

Legal obligation — required by applicable laws and regulations

6. Data Sharing and Third-Party Disclosure

We do not sell, rent, or trade your personal data. We do not share data with advertising platforms, data brokers, or information resellers. Data is shared only in the following limited circumstances:

6.1 Your Coach

Your submitted coaching sessions (audio recordings, analysis results, scorecard data) are accessible to your assigned coach through the LightSkai platform. This sharing is the fundamental purpose of the service and is disclosed at the time of subscription and in the Extension's description. Your coach is bound by their LightSkai Coach Agreement, which includes confidentiality obligations.

6.2 Infrastructure and Service Providers

We use the following sub-processors to deliver the service. All are bound by data processing agreements and operate under appropriate security standards:

Service Provider

Purpose and Data Handled

Amazon Web Services (AWS) — EU (eu-central-1, Frankfurt)

Cloud infrastructure (Aurora PostgreSQL database, Lambda functions, S3 file storage, API Gateway, Cognito authentication). All production user data is processed and stored in the EU region. DPA in place.

Anthropic (Claude API)

AI transcript analysis and coaching insight generation. Audio transcripts (not raw audio) are processed by the Claude API to generate coaching feedback. Data is processed under Anthropic's API terms.

AssemblyAI

Audio transcription service. Audio files are transmitted to AssemblyAI for speech-to-text conversion before AI analysis. Data processed under AssemblyAI's DPA.

Amazon Cognito (AWS)

User authentication and identity management. Handles SRP authentication challenge/response. Part of AWS infrastructure.

6.3 Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority, or if we reasonably believe that disclosure is necessary to: (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing in connection with the service; (d) protect the personal safety of users or the public; or (e) protect against legal liability.

6.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of all or substantially all of our assets, your personal data may be transferred as part of that transaction. We will provide you with prior notice before your data is transferred and becomes subject to a different privacy policy, and we will obtain your explicit prior consent as required by applicable law and the Chrome Web Store User Data Policy.

7. Data Storage, Retention, and Security

7.1 Storage Locations

Authentication tokens — stored encrypted in chrome.storage.local on your local device only. Chrome encrypts this storage using your OS-level user profile credentials.
Extension preferences — stored in chrome.storage.local on your local device only. Never transmitted to our servers.
Audio files and coaching data — stored in AWS S3 (eu-central-1) and Aurora PostgreSQL (eu-central-1) on our secure cloud infrastructure.

7.2 Retention Periods

Data Type

Retention Period

Authentication tokens (local)

Retained until you sign out or uninstall the Extension

Local extension preferences

Retained until you uninstall the Extension or clear Chrome storage

Audio recordings (cloud)

Retained for the duration of your active coaching subscription, plus 90 days after subscription termination, unless deletion is requested earlier

Coaching analysis results

Retained for the duration of your active coaching subscription, plus 90 days after subscription termination

Account data (email, Cognito profile)

Retained for the duration of your account, plus 30 days after account closure to allow for dispute resolution

Server and API logs

Retained for 90 days for security and debugging purposes, then deleted

7.3 Security Measures

We implement the following technical and organizational security measures:

Transport encryption — all data transmitted between the Extension and our servers uses TLS 1.2 or TLS 1.3. File uploads use HTTPS-only presigned S3 URLs.
Authentication security — Cognito SRP (Secure Remote Password) authentication ensures passwords are never sent in plaintext. JWT tokens are short-lived (60 minutes) with automatic refresh using refresh tokens.
Token storage — authentication tokens are stored in chrome.storage.local, which is encrypted by Chrome using OS-level user credentials and inaccessible to other extensions or web pages.
Principle of least privilege — the Extension requests only the permissions necessary for its stated functionality. No broad host permissions, no "<all_urls>" access, no content script injection.
No remote code execution — the Extension does not load or execute any remotely hosted JavaScript. All code is bundled and verified at install time.
No diagnostic logging in production — all console.log statements logging user data, API responses, or file identifiers are stripped from the production build.
Infrastructure security — AWS infrastructure is protected by VPC network isolation, IAM least-privilege policies, encrypted Aurora PostgreSQL storage, and S3 server-side encryption (AES-256).

8. Audio Recording — Special Disclosure

IMPORTANT NOTICE REGARDING AUDIO RECORDING The Ascent HI Extension records audio from your microphone and from the browser tab where your meeting is taking place. Audio recordings may capture the voices of other participants in your meeting. It is your sole responsibility to: 1. Obtain all necessary consents from meeting participants before recording 2. Comply with all applicable wiretapping, eavesdropping, and call recording laws in your jurisdiction and the jurisdictions of all other participants (e.g., all-party consent states/countries) 3. Disclose the existence of recording to all participants as required by law LightSkai LLC assumes no liability for your failure to obtain required consents or comply with applicable recording laws.

The recording feature is designed exclusively for professional sales coaching purposes. Recording is initiated only by an explicit user action (clicking the Record button). The Extension does not record passively or continuously — recording begins only when you click Start Recording and ends only when you click Stop.

Tab audio capture is strictly limited to the single browser tab that was active when you opened the Extension side panel. The Extension cannot access audio from other tabs, other Chrome windows, system audio, or applications outside of Chrome.

9. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

9.1 Rights Under GDPR (EU/EEA Users)

Right of access — request a copy of all personal data we hold about you
Right to rectification — request correction of inaccurate or incomplete data
Right to erasure ("right to be forgotten") — request deletion of your personal data
Right to restrict processing — request that we limit how we process your data
Right to data portability — receive your data in a structured, machine-readable format
Right to object — object to processing based on legitimate interests
Right to withdraw consent — where processing is based on consent, withdraw at any time without affecting prior processing
Right to lodge a complaint — file a complaint with your national supervisory authority (e.g., your country's Data Protection Authority)

9.2 Rights Under CCPA/CPRA (California Users)

Right to know — request disclosure of the categories and specific pieces of personal data collected about you
Right to delete — request deletion of your personal data (subject to certain exceptions)
Right to correct — request correction of inaccurate personal data
Right to opt out of sale or sharing — we do not sell or share personal data for cross-context behavioral advertising
Right to limit use of sensitive personal information — request limitation on the use of sensitive personal data
Right to non-discrimination — we will not discriminate against you for exercising your privacy rights

9.3 Exercising Your Rights

To exercise any of the above rights, contact us at:

Email: privacy@lightskai.com
Subject line: "Privacy Rights Request — [Your Name]"

We will respond to verifiable requests within 30 days (GDPR) or 45 days (CCPA). We may request verification of your identity before processing requests. We will not charge a fee for reasonable requests.

9.4 Data Deletion via Extension Uninstall

When you uninstall the Extension, all locally stored data (authentication tokens, preferences) is automatically deleted by Chrome. To request deletion of data stored on our servers (recordings, analysis, account data), submit a written request to privacy@lightskai.com.

10. Children's Privacy

The Extension is not directed to, and we do not knowingly collect personal information from, individuals under the age of 18. The Extension is a professional tool intended exclusively for working sales professionals in an active coaching relationship. If we become aware that we have collected personal data from a person under 18 without verification of parental consent, we will take steps to delete that information as quickly as possible.

If you are a parent or guardian and believe we may have inadvertently collected information from your child, please contact us immediately at privacy@lightskai.com.

11. International Data Transfers

LightSkai LLC is based in the United States. Our production infrastructure is located in the EU (AWS eu-central-1, Frankfurt, Germany) to ensure GDPR compliance for European users. If you are located in the EU/EEA, your data is processed within the EU and is not transferred outside of it for production operations.

For users outside the EU/EEA, your data will be processed on our EU-based infrastructure. By using the Extension, you consent to the transfer of your information to the EU. We ensure that all cross-border transfers comply with applicable data transfer laws, including the use of Standard Contractual Clauses (SCCs) where required.

12. Cookie and Tracking Technology Notice

The Ascent HI Chrome Extension does not use cookies, web beacons, pixel tags, or any other tracking technologies to collect information about your browsing activity. The Extension operates entirely within the Chrome extension sandbox and does not inject content scripts, tracking pixels, or any code into websites you visit.

Authentication tokens are stored in chrome.storage.local (a Chrome-managed, extension-isolated storage mechanism), not in browser cookies.

13. Automated Decision-Making

The Extension uses AI (Anthropic's Claude API) to analyze your submitted coaching sessions and generate coaching feedback, scorecards, and insights. This constitutes automated processing of your personal data for the purpose of evaluating your sales performance.

The AI-generated outputs are coaching recommendations and are not used to make legally significant decisions about you (such as employment decisions, credit decisions, or legal determinations). All AI outputs are reviewed by your human coach and are presented as coaching guidance only. If you have questions about how AI analysis is applied to your data, contact privacy@lightskai.com.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

We will update the "Effective Date" at the top of this Policy
We will post the updated Policy at the URL linked in the Chrome Web Store listing
For material changes that affect how we use data you have already provided, we will provide notice through the Extension interface or by email
Your continued use of the Extension after the effective date of any update constitutes your acceptance of the revised Policy

We recommend reviewing this Policy periodically to stay informed about how we protect your information.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Contact Type

Details

Privacy inquiries

privacy@lightskai.com

General support

support@lightskai.com

Mailing address

LightSkai LLC, [Your Address]

Response time

Within 5 business days for general inquiries; 30 days for formal rights requests

For EU/EEA users: If you are not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority. A list of EU supervisory authorities can be found at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

PART 2: CHROME WEB STORE DEVELOPER DASHBOARD FIELDS

Copy and paste the following content into the corresponding fields in the Chrome Web Store Developer Dashboard under Privacy practices.

Field 1: Single Purpose Description

PASTE THIS INTO: Developer Dashboard → Privacy practices → Single purpose description Ascent HI is a focused sales coaching assistant. Its single purpose is to enable sales professionals to record, upload, and submit their sales conversations to their coach for AI-powered analysis and human coaching feedback — all from within their browser, without switching applications. The Extension serves one workflow: capture a meeting recording or upload a conversation file, submit it to the coaching pipeline, and receive structured coaching insights. All features — recording, uploading, branding, and credit display — directly and exclusively support this single coaching submission workflow.

Field 2: Permission Justifications

The following justification statements must be entered for each permission listed in the Developer Dashboard. Each permission listed in your manifest will appear as a separate row requiring a justification.

2.1 tabCapture

PERMISSION: tabCapture JUSTIFICATION (paste this): tabCapture is required to record the audio stream of the meeting tab (Google Meet, Zoom, Microsoft Teams, Webex, GoToMeeting, or RingCentral) for sales coaching analysis. When a user is on a supported meeting platform and clicks the extension icon to open the side panel, chrome.tabCapture.getMediaStreamId() is called with the specific meeting tab ID. This stream ID is immediately passed to getUserMedia() to capture only the audio from that single designated tab. The captured audio is mixed with microphone audio entirely within the browser using the Web Audio API and recorded locally as a WebM file. No audio is transmitted to any server until the user explicitly clicks "Submit for Coaching." Tab capture is strictly limited to the one meeting tab the user designates — the extension cannot and does not access audio from any other tab, window, or system source. The tabCapture permission cannot be replaced by any less-privileged API because getUserMedia() with chromeMediaSource:'tab' requires a stream ID issued by this API, and getDisplayMedia() would require the user to manually select a screen/tab on every recording, creating an unacceptable friction in the professional coaching workflow.

2.2 activeTab

PERMISSION: activeTab JUSTIFICATION (paste this): activeTab is required in conjunction with tabCapture to identify the specific browser tab to capture. When the user clicks the extension icon (a direct user gesture), activeTab grants the extension temporary access to read the active tab's ID and title. The tab ID is used as the targetTabId argument to chrome.tabCapture.getMediaStreamId() — this is how the extension identifies which specific meeting tab to record. The tab title is used only to generate a default filename for the recorded audio file (e.g., "Google_Meet_2026-03-21.webm"). activeTab access is temporary, granted only upon user invocation, and is not used to read, modify, or inject content into the tab. No tab data is transmitted to our servers. The activeTab permission cannot be replaced with a narrower permission because the tab ID is required for tabCapture stream ID generation.

2.3 storage

PERMISSION: storage JUSTIFICATION (paste this): storage (chrome.storage.local) is required to persist two categories of data between browser sessions: (1) authentication tokens — the Cognito ID token, access token, and refresh token are stored encrypted in chrome.storage.local so users do not need to re-enter their credentials every time they open the extension; and (2) user preferences — the user's dark/light theme selection, whether the onboarding screen has been seen, and the user mode (coach-linked or no-coach) are stored locally. No sensitive data is stored in chrome.storage.sync. chrome.storage.local is the appropriate mechanism for this data because it is isolated to the extension, encrypted by Chrome using OS-level user credentials, and inaccessible to web pages or other extensions.

2.4 sidePanel

PERMISSION: sidePanel JUSTIFICATION (paste this): sidePanel is required to render the extension's user interface as a Chrome side panel rather than a popup or new tab. The side panel layout is architecturally essential for the coaching use case: users need to monitor their meeting on the primary tab while simultaneously viewing their recording controls, credit balance, and coaching submission form in the side panel. A popup would close when the user clicks elsewhere, interrupting an active recording. A new tab would require the user to navigate away from their meeting. The side panel is the only Chrome UI surface that allows persistent, non-intrusive coexistence with an active meeting tab.

2.5 Host Permissions (Meeting Platforms)

HOST PERMISSIONS: https://meet.google.com/* https://*.zoom.us/* https://teams.microsoft.com/* https://*.webex.com/* https://*.gotomeeting.com/* https://*.ringcentral.com/* JUSTIFICATION (paste this): Host permissions are restricted to the six most widely used enterprise video conferencing platforms. These permissions are required for chrome.tabCapture to capture audio from tabs on these domains — without host permissions for a domain, Chrome does not permit tab audio capture on that domain. No content scripts are injected into these pages. No data is read from these pages. No cookies, form data, or page content is accessed. The permissions are used solely and exclusively to authorize the tab audio capture stream. The extension has deliberately avoided requesting <all_urls> or broad host permissions, choosing instead to enumerate only the specific meeting platforms it supports. Each domain listed represents a major enterprise meeting platform used by the sales professionals who are the extension's target audience. No other domains are accessed by tab capture.

Field 3: Remote Code Declaration

REMOTE CODE USE: Select: "No, I am not using remote code." The extension does not load or execute any remotely hosted JavaScript, CSS, or other executable content. All code is bundled by Vite/Rollup at build time and included in the extension package submitted to the Chrome Web Store. The background service worker, side panel React bundle, and grant-mic popup scripts are all self-contained within the extension package. No dynamic import() of remote URLs is used. The Content Security Policy in the manifest enforces this: "script-src 'self'; object-src 'self'".

Field 4: Data Collection Certification

In the Privacy practices tab, certify the following data types as collected. Check all that apply:

Data Type

Collected? / Notes

Personally identifiable information

YES — email address, Cognito user ID

Authentication information

YES — Cognito JWT tokens stored in chrome.storage.local

Personal communications

YES — audio recordings of sales conversations (submitted explicitly by user)

Health information

Financial and payment information

Location

Web history

User activity

NO — no behavioral tracking or analytics

Website content

For each data type you certify as collected, you must also certify the following:

The data is used only for the extension's single purpose — CONFIRM YES
The data is not sold to third parties — CONFIRM YES (we do not sell data)
The data is not used or transferred for purposes unrelated to the extension's single purpose — CONFIRM YES
The data is not used or transferred to determine creditworthiness or for lending purposes — CONFIRM YES

PART 3: STORE LISTING DESCRIPTION (Recommended)

This description is recommended for your Chrome Web Store listing. It is designed to be transparent about data use, which Chrome Store reviewers look for.

Short Description (132 characters max)

AI-powered sales coaching: record meetings, submit conversations, and get structured coaching feedback from your coach.

Full Description

Ascent HI brings your sales coaching directly into your browser. WHAT IT DOES Record sales calls, upload conversation files, and submit them to your coach for AI-powered analysis and structured coaching feedback — all without leaving your browser tab. KEY FEATURES • Record meetings on Google Meet, Zoom, Microsoft Teams, Webex, GoToMeeting, and RingCentral • Upload audio, video, PDF, or text files for coaching analysis • View AI-generated coaching moments, insights, and scorecards • See your coaching credit balance and plan details • Dark and light theme support WHO IT'S FOR Ascent HI is exclusively for sales professionals enrolled in a LightSkai-powered coaching program. An active coaching account is required. Accounts are provisioned by your coach — self-registration is not available. PRIVACY We take privacy seriously: • Recording starts only when YOU click Record — no passive or background recording • Files are uploaded only when YOU click Submit — nothing is sent automatically • We never access your browsing history, cookies, or webpage content • Tab audio capture is limited to the single meeting tab you designate • All data is transmitted over TLS and stored in the EU (AWS Frankfurt) • Full privacy policy: https://ascenthi.com/privacy REQUIRED PERMISSIONS • Microphone: to record your side of the conversation • Tab capture: to record meeting audio from supported platforms (Google Meet, Zoom, Teams, Webex, GoTo, RingCentral only) • Storage: to keep you signed in between sessions • Side panel: to display controls alongside your meeting tab This extension is provided by LightSkai LLC. For support: support@lightskai.com

PART 4: PRE-SUBMISSION CHECKLIST

Complete every item before submitting to the Chrome Web Store.

Code and Build

Submit only the dist/ folder — do not include node_modules, src/, or .DS_Store files
Confirm npm run build completes without errors or TypeScript type errors
Confirm manifest.json version is updated (currently 1.0.0)
Confirm no eval() or remote code execution in the bundle
Confirm all console.log statements with sensitive data are removed from production bundle
Confirm web_accessible_resources is not present (already removed)

Privacy and Policy

Publish Privacy Policy at a public URL (e.g. https://ascenthi.com/privacy)
Link Privacy Policy URL in the Chrome Web Store Developer Dashboard designated field
Certify Limited Use compliance in the Developer Dashboard
Complete all permission justification fields in the Developer Dashboard
Select "No remote code" in the Developer Dashboard

Listing Assets

128x128 extension icon (already done — icons/icon128.png)
At least 1 screenshot (1280x800 PNG recommended) showing the extension in use
Promotional tile image (440x280 PNG) — optional but improves discoverability
Short description (132 chars max) — use text from Part 3
Full description — use text from Part 3
Category: Productivity

Account Requirements

Enable 2-Step Verification on your Google developer account (required since 2023)
Verify developer account email can receive external emails (not spam-filtered)
Pay Chrome Web Store one-time developer registration fee ($5) if not already paid

Before Switching to Production

Switch API_BASE_URL from us-east-2 (dev) to eu-central-1 (prod) endpoint in ApiClient.ts
Disable Cognito self-registration on the prod user pool in eu-central-1 (already done on dev pool)
Add production Stripe webhook secret to Lambda environment variables in eu-central-1
Verify all Lambda functions in eu-central-1 have correct AURORA_CLUSTER_ARN, AURORA_SECRET_ARN, AURORA_DATABASE env vars

FINAL NOTE Chrome Web Store review typically takes 1-3 business days for new extensions. Extensions using tabCapture and activeTab permissions may receive additional scrutiny and take up to 7 business days. If rejected, Google will provide a reason. The most common reasons for rejection are: (1) insufficient permission justification — mitigated by the detailed justifications in Part 2; (2) missing or inadequate privacy policy — mitigated by the policy in Part 1; (3) unclear single purpose — mitigated by the single purpose description in Part 2. Respond to any reviewer requests within 3 business days to avoid extended delays.