Privacy Policy

Blue Flame is a VS Code extension that allows you to browse and manage Google Cloud Firestore databases. This document describes how the extension handles your data.

Data Collection

Blue Flame does not collect, transmit, or store any personal data on external servers controlled by the extension author. The extension operates entirely within your local VS Code environment and communicates directly with your own Firebase or Google Cloud projects.

Data Storage

The extension stores the following information locally on your machine using VS Code built-in globalState storage:

• Connection metadata: connection names, Firebase project IDs, database IDs, and authentication mode (ADC or service account)
• Service account file paths: if you use service account authentication, the file path to your JSON key file is stored (the file contents are not copied or stored by the extension)

This data is stored in VS Code extension storage directory and is not transmitted externally.

External Communications

The extension communicates only with:

• Google Cloud and Firebase APIs: to read and write Firestore data, manage Firebase Authentication users, and perform other Firebase operations using your own credentials
• VS Code Marketplace: standard VS Code extension update checks (handled by VS Code, not the extension)

All communications with Firebase and Google Cloud use your own credentials (Application Default Credentials or your service account) and are subject to Google Privacy Policy and Terms of Service.

Credentials

The extension supports two authentication methods:

1. Application Default Credentials (ADC): uses credentials configured via gcloud auth application-default login. These credentials are managed by the Google Cloud SDK on your machine.
2. Service Account JSON: uses a service account key file you provide. The extension reads this file at runtime but does not copy, cache, or transmit the file contents except to Google authentication services.

You are responsible for protecting your credentials. Do not share service account files.

Telemetry

Blue Flame does not implement any custom telemetry or analytics. The extension does not track usage, collect error reports, or phone home.

VS Code itself may collect telemetry based on your settings. See the VS Code Privacy Statement for details.

Data You Access

When using the extension, you interact with data stored in your own Firebase projects. The extension provides a user interface for reading, creating, updating, and deleting:

• Firestore documents and collections
• Firebase Authentication users

This data is stored in and retrieved from your Firebase project, subject to your Firebase project security rules and Google Cloud data handling policies.

Your Control

• Remove connections: delete saved connections at any time via the extension context menu
• Revoke credentials: revoke ADC with gcloud auth application-default revoke or delete or disable service account keys in the Google Cloud Console
• Uninstall: uninstalling the extension removes locally stored connection metadata

Third-Party Services

The extension depends on:

• firebase-admin (Google): official Firebase Admin SDK for Node.js
• @vscode-elements/elements: UI components for webviews (no network activity)

Changes to This Policy

Any changes to this privacy policy are documented in the repository commit history and noted in the changelog.

Contact

If you have questions about this privacy policy, open an issue at github.com/timheuer/blue-flame/issues .

Last updated: February 2026