Privacy Policy

Home / Privacy Policy

Last updated: March 16, 2026

Data Disclosure Summary

This section provides a summary of how FociiSoftware Chrome extensions handle user data. This policy applies to all FociiSoftware products, including but not limited to: Ikariam Bot, GladBot, Tanoth Bot, BK Bot, and any other browser-based game automation extensions published by FociiSoftware. Each extension's single purpose is to automate gameplay tasks within its respective supported browser game.

What data is collected and where it goes:

  • Website content from supported game pages: The extension reads game page content (resource levels, building data, troop information, and other gameplay data). This data is stored locally on your device. If you enable Telegram notifications or commands, selected game data (e.g., resource counts, alert messages) is transmitted to the Telegram API to deliver messages to your configured chat.
  • Authentication information: The extension reads game session identifiers and request tokens from the game's web pages to perform game actions on your behalf. These tokens are sent only to the game's own server. They are never sent to our servers.
  • Personally identifiable information: If you create a FociiSoftware account to purchase a Pro license, your email address and password are transmitted to our license server over HTTPS. A hardware identifier is also transmitted to associate your license with your device.
  • CAPTCHA images: If you use the piracy automation feature, CAPTCHA images from the game may be transmitted to our server for automated solving, and optionally to Telegram for manual solving.

What data is NOT collected: We do not collect browsing history, data from websites unrelated to the supported game, keystrokes, form inputs, analytics, financial or payment card information, health information, location data, or any data unrelated to the extension's functionality.

Data sharing: We do not sell, share, or transfer any user data to third parties for advertising, analytics, or creditworthiness purposes. Data is only transmitted to: (1) the game's own server for game actions, (2) our license server for account and license management, (3) the Telegram API if you opt in to Telegram features, and (4) our payment processors (Stripe, PayPal, NOWPayments) if you make a purchase.

Limited Use Disclosure

FociiSoftware's use of information received from Chrome APIs adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically:

  • We only use permissions that collect personal or sensitive user data to provide or improve the extension's single purpose (game automation).
  • We do not transfer user data for personalized, re-targeted, or interest-based advertisements.
  • We do not transfer user data to advertising platforms, data brokers, or information resellers.
  • We do not use or transfer user data to determine creditworthiness or for lending purposes.
  • Human access to user data is limited to security investigations, legal compliance, or when the user provides explicit consent.

1. Introduction

Welcome to FociiSoftware ("Company," "we," "us," or "our"). We are committed to protecting your privacy. This Privacy Policy describes how our Chrome extensions and related services ("Service") collect, use, handle, store, and share user data.

This policy applies to all FociiSoftware products, including but not limited to: Ikariam Bot, GladBot, Tanoth Bot, BK Bot, and any other game automation extensions published by FociiSoftware. All of our extensions follow the same data practices described in this policy.

By installing or using our Service, you agree to the practices described in this policy. If you do not agree, please uninstall the extension and discontinue use.

2. Definitions

  • Personal Data / Personally Identifiable Information (PII): Any information that directly or indirectly identifies a natural person (e.g., name, email address, device identifier).
  • Sensitive User Data: As defined by the Chrome Web Store Developer Program Policies, this includes personally identifiable information, financial and payment information, health information, authentication information, website content, form data, and web browsing activity.
  • User / You: Any individual who installs, accesses, or uses our Service.
  • Supported Game: The specific browser-based game that the installed extension is designed to automate (e.g., Ikariam, Gladiatus, Tanoth, Blood Knights, etc.).
  • License Key: A unique activation code tied to your purchase, used to verify access to paid features.
  • Hardware Identifier (HWID): A device-derived identifier used to associate your license with your device and prevent unauthorized sharing.
  • Local Data: Information processed and stored entirely on your device using Chrome's extension storage APIs, never transmitted to external servers unless explicitly stated.

3. Data Collection — What We Collect, How, and Why

This section describes every category of user data that our extensions collect or access, how it is collected, why it is collected, where it is stored, whether it is transmitted off your device, and with whom it is shared.

3.1 Website Content (from Supported Game Pages Only)

  • What: Game page content including resource levels, building statuses, city/character data, troop or unit counts, research progress, marketplace listings, and other gameplay information displayed on the supported game's web pages.
  • How collected: The extension uses content scripts that run only on the supported game's domains to read the page DOM and game data objects.
  • Why collected: To provide the extension's core automation features — monitoring resources, automating upgrades, managing units, and executing in-game tasks on your behalf.
  • Where stored: Locally on your device, in Chrome's chrome.storage.local API.
  • Transmitted off device:
    • To the game's own server: Yes — the extension sends game actions (building upgrades, troop training, etc.) to the game's server, the same way the game itself does.
    • To the Telegram API (optional, user-initiated): If you enable Telegram notifications or commands, selected game data (such as resource counts, city names, alert messages, and task statuses) is transmitted to the Telegram Bot API to deliver messages to your configured Telegram chat. This feature is disabled by default and requires you to explicitly provide your Telegram Bot Token and Chat ID.
    • To our servers: No. Game content is never sent to FociiSoftware servers.
  • Shared with third parties: Only with Telegram, and only if you opt in to Telegram features. Not shared with any other third party.

3.2 Authentication Information (Game Session Tokens)

  • What: Game session identifiers and CSRF/request tokens used by the game to authenticate actions.
  • How collected: Read from the game page DOM and JavaScript objects when you are logged into the supported game.
  • Why collected: Required to send authenticated game requests (e.g., upgrading a building, training units) to the game's own server on your behalf.
  • Where stored: Locally on your device, in Chrome's chrome.storage.local API. Tokens rotate with each game request and are not persisted long-term.
  • Transmitted off device: Only to the game's own server (the same server the game itself sends them to). Never to FociiSoftware servers, Telegram, or any other destination.
  • Shared with third parties: No.

3.3 User-Configured Settings

  • What: Automation preferences, toggle states, and configuration values you set within the extension popup (e.g., which automations are enabled, resource thresholds). Also includes your Telegram Bot Token and Chat ID if you configure Telegram integration.
  • How collected: Entered by you directly within the extension's user interface.
  • Why collected: To remember your preferences and run automations according to your configuration.
  • Where stored: Locally on your device, in Chrome's chrome.storage.local API.
  • Transmitted off device: Your Telegram Bot Token is transmitted to the Telegram API when sending notifications or processing commands. No other settings leave your device.
  • Shared with third parties: Telegram Bot Token and Chat ID are shared with the Telegram API for notification delivery, only if you enable this feature.

3.4 Account Information (Pro Users Only)

  • What: Email address, password, and hardware identifier (HWID).
  • How collected: You provide your email and password when creating a FociiSoftware account or logging in within the extension. The hardware identifier is derived from your device automatically.
  • Why collected: Email and password are used for account authentication. The HWID is used to associate your license with your device and prevent unauthorized license sharing.
  • Where stored: Email and HWID are stored on our license server in an encrypted database. Authentication tokens (JWT) are stored locally on your device. We store a hashed version of your password — we never store plain-text passwords.
  • Transmitted off device: Yes. Email, password, and HWID are transmitted to our license server (ika.fociisoftware.com) over HTTPS during registration and login. Authentication tokens are transmitted during license status checks.
  • Shared with third parties: Email is shared with the payment processor (Stripe, PayPal, or NOWPayments) solely for transaction processing if you make a purchase. Not shared with anyone else.
  • Used for marketing: No. We do not send marketing emails, newsletters, or promotional material.

3.5 License Key

  • What: A unique license key string associated with your Pro purchase.
  • How collected: Generated by our server upon purchase and delivered to you.
  • Why collected: To verify that you have a valid Pro license and unlock paid features.
  • Where stored: Locally on your device in Chrome's chrome.storage.local API, and on our license server.
  • Transmitted off device: Yes. Transmitted to our license server over HTTPS for periodic validation (approximately every 6 hours).
  • Shared with third parties: No.

3.6 CAPTCHA Images (Piracy Feature Only)

  • What: CAPTCHA images presented by the game during piracy missions.
  • How collected: Captured from the game page when a piracy CAPTCHA is encountered.
  • Why collected: To solve CAPTCHAs automatically (via our AI solver) or manually (via Telegram), allowing piracy automation to continue.
  • Where stored: Temporarily in memory. Not persisted to disk.
  • Transmitted off device:
    • To our CAPTCHA solver server (ika.fociisoftware.com) over HTTPS for AI-based solving.
    • To the Telegram API (if configured) for manual solving as a fallback.
  • Shared with third parties: Shared with Telegram if Telegram is configured. CAPTCHA images sent to our server may be processed by a third-party CAPTCHA solving service (CapMonster) for automated solving.

4. Data We Do NOT Collect

Our extensions and servers do not collect, store, transmit, or share any of the following:

  • Financial or payment information (credit card numbers, bank details — these are handled entirely by our payment processors)
  • Health information
  • Browsing history or web browsing activity on websites unrelated to the supported game
  • Website content from any website other than the supported game's pages
  • Keystrokes, form inputs, or clipboard data (outside of the extension's own UI)
  • Personal files, photos, or documents on your device
  • Cookies or tracking identifiers from any website
  • Usage analytics, behavioral data, or telemetry
  • Location data (GPS, IP-based geolocation, etc.)
  • Audio, video, camera, or microphone data
  • Contacts, calendar, or social media data
  • Personal communications or message content

We do not use third-party analytics tools, advertising SDKs, tracking pixels, or any form of behavioral tracking within our extensions.

5. How We Use Collected Data

All data collected or accessed by our extensions is used solely to provide the extension's stated functionality (automating gameplay tasks within the supported game and related features such as notifications and license management). Specifically:

Data Type Purpose Stored Where Transmitted To Shared With Third Parties
Website content (game data) Run automations, display game status Your device only Game server; Telegram (if opted in) Telegram (if opted in)
Authentication info (game tokens) Execute authenticated game actions Your device only Game's own server only No
User settings Remember your configuration Your device only Telegram Bot Token sent to Telegram API (if opted in) Telegram (if opted in)
Email, password, HWID Account auth, license binding Our server + your device (tokens) Our license server (HTTPS) Payment processor (email only, for transactions)
License key / auth tokens Verify Pro license Our server + your device Our license server (HTTPS) No
CAPTCHA images Solve piracy CAPTCHAs Temporary memory only Our server; Telegram (if configured) CapMonster (via our server); Telegram (if configured)

We do not use any collected data for:

  • Advertising, marketing, or promotional purposes
  • Selling or transferring data to data brokers or information resellers
  • Serving personalized, re-targeted, or interest-based advertisements
  • Determining creditworthiness or for lending purposes
  • Purposes unrelated to the extension's single stated purpose

6. Data Sharing and Transfer

Here is a complete list of all parties that user data is shared with or transferred to:

  • The supported game's server: Game actions and session tokens are sent to the game's own server to execute automations. This is the same server the game normally communicates with.
  • FociiSoftware license server (ika.fociisoftware.com): Account information (email, password, HWID), license keys, auth tokens, and CAPTCHA images are transmitted over HTTPS for account management, license verification, and CAPTCHA solving.
  • Telegram API (api.telegram.org) — optional, user-initiated: If you enable Telegram integration, game notifications (alert messages, resource counts, city data, task statuses) and CAPTCHA images are sent to the Telegram API to deliver messages to your chat. This feature is disabled by default and requires you to provide your own Bot Token and Chat ID.
  • Payment processors (Stripe, PayPal, NOWPayments): If you purchase a license, your email and payment details are handled by the processor. We do not receive or store payment card information.
  • CapMonster (via our server): CAPTCHA images sent to our server may be forwarded to CapMonster, a third-party service, for automated solving.

We do not sell, rent, lease, trade, or otherwise transfer any user data to any party not listed above. We do not share data with advertising networks, data brokers, or analytics providers.

7. Chrome Extension Permissions

Our extensions request only the minimum permissions necessary for core functionality. Each permission and its justification:

  • Host permissions (supported game domains): Required to inject content scripts into the game's web pages to read game data and execute automation actions. Limited to the specific game's domains only.
  • Host permission (ika.fociisoftware.com): Required to communicate with our license server for account authentication, license verification, and CAPTCHA solving.
  • Host permission (api.telegram.org): Required to send notifications and receive commands via the Telegram Bot API, if you enable Telegram integration.
  • Storage (chrome.storage): Required to save your automation settings, cached game data, account credentials, and license information locally on your device.
  • Alarms (chrome.alarms): Required to schedule automated tasks (e.g., checking resources, running build queues) at user-configured intervals.
  • Notifications (chrome.notifications): Required to display browser notifications for in-game events such as incoming attacks or low resources.
  • Tabs (chrome.tabs): Required to query for open game tabs (to synchronize session tokens) and to open external links (e.g., checkout pages, Discord). The extension only queries tabs matching the game's URL pattern — it does not access URLs or content of unrelated tabs.
  • Offscreen (chrome.offscreen): Required to keep the service worker active during time-sensitive operations (e.g., attack monitoring) by maintaining a lightweight background document that sends periodic keep-alive signals. No data is collected or transmitted by this document.

No permissions are used to monitor, collect, or transmit your general browsing activity, personal information, or data from any website other than the supported game's pages.

8. Data Storage and Security

We implement the following measures to protect your data:

  • Local extension data (game data, tokens, settings) is stored using Chrome's chrome.storage.local API, which is sandboxed to the extension and inaccessible to other extensions, websites, or applications.
  • Server-side data (email addresses, hashed passwords, HWIDs, license keys) is stored in an encrypted database on our secure server with access restricted to authorized personnel only.
  • All network communications between the extension and our servers use HTTPS (TLS) encryption.
  • Telegram communications use HTTPS via the official Telegram Bot API.
  • Passwords are hashed before storage — we never store plain-text passwords on our server.
  • Server authentication uses industry-standard JWT tokens and HMAC signature verification to prevent unauthorized access and data tampering.
  • No data is transmitted via insecure channels — we never use HTTP or expose sensitive data in URL parameters.

While we implement reasonable technical and organizational measures to protect your data, no method of electronic transmission or storage is 100% secure.

9. Data Retention and Deletion

  • Local extension data: Stored on your device until you uninstall the extension or clear extension data via Chrome's settings (chrome://extensions). You have full control over this data at all times.
  • Account and license data: Your email, HWID, and license information are retained on our server for as long as your account remains active, plus any period required by applicable law. After account deletion or license expiration (and after any legally required retention period), this data is deleted from our servers.
  • CAPTCHA images: Processed in real-time and not persisted on our servers or Telegram after solving.
  • Payment transaction data: Retained by our payment processors (Stripe, PayPal, NOWPayments) according to their own privacy policies and legal requirements. We do not store payment card details.

You may request deletion of your personal data from our servers at any time by emailing [email protected]. We will process deletion requests within 30 days.

10. Your Rights

You have the following rights regarding your personal data:

  • Right to Access: You may request a copy of the personal data we hold about you.
  • Right to Correction: You may request correction of any inaccurate personal data.
  • Right to Deletion: You may request deletion of your personal data from our servers at any time. To delete local extension data, uninstall the extension or clear its storage via Chrome settings.
  • Right to Opt-Out: You may stop using the Service at any time by uninstalling the extension. You may disable Telegram integration at any time in the extension settings to stop data transmission to Telegram. No data will be collected after uninstallation.
  • Right to Data Portability: You may request your personal data in a commonly used, machine-readable format.
  • Right to Restrict Processing: You may request that we limit how we use your data.

To exercise any of these rights, contact us at [email protected]. We will respond to your request within 30 days.

11. Third-Party Services

We use the following third-party services. Each service processes data according to its own privacy policy:

  • Stripe (privacy policy): Processes credit/debit card payments for license purchases. We do not receive or store your card details.
  • PayPal (privacy policy): Processes PayPal payments for license purchases. We receive only your email and transaction confirmation.
  • NOWPayments (privacy policy): Processes cryptocurrency payments for license purchases. We receive only a transaction confirmation.
  • Telegram (privacy policy): Used for optional notification delivery and remote command processing. The extension sends game alerts, game status information, and CAPTCHA images to the Telegram Bot API using credentials you provide. Telegram integration is disabled by default and entirely optional.
  • CapMonster: Third-party CAPTCHA solving service. CAPTCHA images from the game may be processed by CapMonster (via our server) for automated solving. No personal data is sent to CapMonster — only CAPTCHA images.
  • Discord: Optional community support channel. Not required to use the Service. We do not share any user data with Discord.

We do not sell, rent, or share your personal information with any third party other than those listed above, and only to the extent strictly necessary to provide the extension's features.

12. Cookies

Our website (fociisoftware.com) may use essential cookies to maintain basic site functionality (e.g., session management). These cookies do not collect personally identifiable information and are not used for advertising, tracking, or profiling. You may disable cookies in your browser settings at any time.

Our Chrome extensions do not read, write, or use browser cookies from any website.

13. Children's Privacy

Our Service is not directed at individuals under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us at [email protected] and we will promptly delete it.

14. International Data Transfers

If you access our Service from outside the country where our servers are located, your data (including account information, license keys, and CAPTCHA images) may be transmitted across international borders. All such transfers occur over encrypted HTTPS connections. By using the Service, you consent to this transfer.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page. For material changes that affect how we handle user data, we will notify users through our Discord server or extension update notes. Continued use of our Service after changes constitutes acceptance of the revised policy. We encourage you to review this page periodically.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or our data practices, please contact us: