export default {
  async fetch(request) {
    const url = new URL(request.url);

    if (url.pathname === "/privacy" || url.pathname === "/privacy/") {
      return new Response(`<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Privacy Policy – Timezoner</title>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
body{
font-family:Arial,Helvetica,sans-serif;
max-width:760px;
margin:40px auto;
padding:0 18px;
line-height:1.65;
color:#111;
}
h1{font-size:32px;margin-bottom:5px;}
h2{margin-top:28px;font-size:22px;}
p{margin:10px 0;}
</style>
</head>
<body>

<h1>Privacy Policy for Timezoner</h1>
<p><strong>Effective Date:</strong> March 8, 2026</p>

<p>Timezoner ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how our Chrome Extension collects, uses, and safeguards your information.</p>

<p>Because Timezoner is designed for sales professionals and operates on Customer Relationship Management (CRM) platforms, we have engineered the extension with a "local-first" architecture to ensure maximum data privacy and compliance.</p>

<h2>1. Information We Collect and How We Use It</h2>
<p>We only collect the minimum amount of data necessary to provide our services.</p>

<h3>A. Local Page Scanning (No Data Leaves Your Browser)</h3>
<p>To function, Timezoner requests permission to read the text on the web pages you visit.</p>

<p>The extension scans the page locally for area codes, phone numbers, and ZIP codes to calculate the correct timezone.</p>

<p><strong>Zero Payload:</strong> This scanning happens entirely offline within your browser using local databases. We do not transmit, log, or store any names, phone numbers, emails, CRM data, or personal information from the websites you browse.</p>

<h3>B. External API Requests (Pro Users Only)</h3>
<p>If you are a Timezoner Pro user and have the "Live Weather" feature enabled, the extension must contact our external servers to fetch weather data.</p>

<p>When this happens, the following specific data points are sent to our secure Cloudflare servers:</p>

<ul>
<li><strong>Your License Key:</strong> To verify your active Pro status.</li>
<li><strong>An Anonymous Device ID:</strong> A randomly generated string (UUID) created by your browser to lock your license to your specific hardware and enforce usage limits.</li>
<li><strong>Geographic Query:</strong> The specific State abbreviation (e.g., "FL") or ZIP code needed to fetch the weather. We never send full phone numbers or lead data to our weather API.</li>
</ul>

<h3>C. Local Browser Storage</h3>
<p>Timezoner uses your browser's native chrome.storage (both local and synced) to save your personal preferences. This includes:</p>

<ul>
<li>Theme settings (Dark/Light mode).</li>
<li>UI preferences (e.g., 24-hour time, emoji visibility).</li>
<li>Feature toggles (e.g., enabling/disabling ZIP code scanning).</li>
<li>Domain blocklists (websites where you have disabled the extension).</li>
</ul>

<p>This data is stored locally on your machine and/or synced via your Google account. We do not have access to this data.</p>

<h2>2. Information Sharing and Disclosure</h2>
<p>We do not sell, rent, or trade your personal information or browsing data to third parties. We do not use third-party analytics trackers (like Google Analytics) or advertising pixels within the extension.</p>

<h2>3. Data Retention</h2>
<p><strong>Server Data:</strong> License validation checks and API request logs on our Cloudflare servers are transient and used strictly for rate-limiting and abuse prevention.</p>

<p><strong>Local Data:</strong> Your settings and preferences remain in your browser's local storage until you uninstall the extension or clear your browser data.</p>

<h2>4. Security</h2>
<p>We take reasonable measures to protect your information. API communications between the Timezoner extension and our validation servers are encrypted via HTTPS.</p>

<p>Furthermore, our extension architecture strictly isolates injected CSS and JavaScript to prevent cross-site scripting conflicts.</p>

<h2>5. Your Choices and Controls</h2>
<p>You have full control over how Timezoner operates:</p>

<ul>
<li><strong>Disable on Specific Sites:</strong> You can disable the extension on specific domains from the popup.</li>
<li><strong>Toggle Features:</strong> You can disable phone scanning, ZIP scanning, or weather fetching in settings.</li>
<li><strong>Uninstall:</strong> Removing the extension deletes all locally stored preferences and the anonymous Device ID.</li>
</ul>

<h2>6. Changes to This Privacy Policy</h2>
<p>We may update this Privacy Policy from time to time. If significant changes occur, we will notify users via extension updates or our website.</p>

<h2>7. Contact Us</h2>
<p>If you have questions about this Privacy Policy or our data practices:</p>

<p>Email: support@verileads.net<br>
Website: verileads.net</p>

</body>
</html>`, {
        headers: {
          "content-type": "text/html; charset=UTF-8"
        }
      });
    }

    return new Response("Not found", { status: 404 });
  }
};