Privacy Policy

Last updated: May 5, 2026

Cano is a Chrome extension that syncs your Canvas LMS courses and assignments into Notion automatically. This policy explains what data Cano accesses, how it is used, and how it is protected.

1. What data Cano accesses

When you use Cano, it reads the following information from your Canvas account via your existing browser session:

• Course names, course codes, and instructor information
• Assignment titles, due dates, submission status, and grades
• Your Canvas domain (e.g. canvas.uts.edu.au)

Cano does not access your Canvas password, personal messages, files, or any data outside of courses and assignments.

2. How Cano uses your data

The data read from Canvas is used solely to create and update pages in your connected Notion workspace. Specifically:

• Course information is written to a Courses database in Notion
• Assignments are written to an Assignments database in Notion
• Existing personal notes or status labels you have added in Notion are never overwritten

Cano does not use your data for advertising, analytics, or any purpose other than syncing to Notion.

3. Data storage and retention

Cano stores the following locally in your browser using Chrome's storage API:

• Your Notion access token (obtained via Notion OAuth)
• Your Canvas domain URL
• Your Notion database IDs
• The timestamp of the last successful sync

This data is stored only on your device and is never transmitted to any third party other than the services described below. You can clear this data at any time by removing the extension from Chrome.

4. Third-party services

Cano communicates with the following third-party services:

• Notion API — to create and update pages in your Notion workspace. Your Notion access is authorised via Notion's official OAuth flow. See Notion's Privacy Policy.
• Cano backend — Cano's own server handles the Notion OAuth token exchange securely. The server does not store your Notion token or any personal data after the exchange is complete.
• Canvas LMS — Cano reads Canvas data using your existing browser session. No Canvas credentials are stored by Cano.

5. Permissions

Cano requests the following Chrome permissions and uses them as follows:

• storage — saves your Notion token and sync settings locally on your device
• identity — opens Notion's OAuth login flow so you can connect your Notion account securely
• alarms — schedules automatic background syncs once per hour
• tabs — detects when you navigate to a Canvas page to trigger a sync
• scripting — injects a content script on Canvas pages to read assignment data from the page
• host permissions (Canvas domains) — required to run the content script on Canvas pages
• host permissions (api.notion.com) — required to send data to Notion's API

6. Data sharing

Cano does not sell, rent, or share your personal data with any third parties beyond the services described in Section 4. Cano does not collect analytics or usage data.

7. Children's privacy

Cano is intended for university students aged 18 and over. It does not knowingly collect data from anyone under the age of 13.

8. Changes to this policy

If this privacy policy changes, the updated version will be posted at this URL with a revised "Last updated" date. Continued use of Cano after any changes constitutes acceptance of the updated policy.

9. Contact

If you have any questions about this privacy policy or how Cano handles your data, please contact:

yuna.son.au@gmail.com