GhostPlayer

Privacy Policy

Last updated: April 11, 2026

GhostPlayer does not collect, store, or transmit any user data. Ever.

Single Purpose

GhostPlayer has one purpose: to float any HTML5 video on the current page into a frameless, always-on-top overlay window using the browser's Document Picture-in-Picture API. It does not browse the web, read page content for any other reason, or perform any action unrelated to detaching and controlling the video element the user explicitly selects.

Data Collection

GhostPlayer collects no data of any kind. The following categories are explicitly not collected:

Personally identifiable information (name, email, address, etc.)
Health or financial information
Authentication credentials
Personal communications
Location data or IP addresses
Browsing or web history
User activity (clicks, keystrokes, scroll, mouse position)
Website content (text, images, video frames, or metadata)
Usage statistics or analytics
Crash reports or error logs

Local Preferences

GhostPlayer saves two lightweight preferences to your device using chrome.storage.local:

The last overlay window size, so it reopens at the same size next time
The last playback speed selection (e.g. 1×, 1.5×)

These values are stored only on your device and are never transmitted anywhere. They are not accessible to any website or third party.

How the Extension Works

GhostPlayer operates entirely within your browser. When you click the GhostPlayer button on a video:

The video element is moved into a floating overlay window using the browser's built-in Document Picture-in-Picture API
All playback continues to be controlled by the original website's player
When the overlay is closed, the video element is returned to its original position on the page

No data leaves your device at any point during this process.

Network Requests

GhostPlayer makes zero network requests. It has no servers, no backend, and no external services of any kind. The only network activity is the Chrome Web Store's standard extension update process, which is managed entirely by the browser.

Remote Code

GhostPlayer does not use remote code. All JavaScript is bundled within the extension package. There are no external script tags, no dynamically fetched modules, and no use of eval() or equivalent runtime code execution.

Permissions

GhostPlayer requests only the minimum permissions required to fulfil its single purpose:

Permission	Justification
`activeTab`	Required to detect video elements on the current tab and inject the GhostPlayer button when the user is actively viewing a page with video content. Access is limited to the tab the user is on.
`storage`	Required to persist the overlay window size and playback speed preference locally on the user's device via `chrome.storage.local`. No data is synced or transmitted.
Host permission (`<all_urls>` via `content_scripts`)	Required to inject the hover button on any page the user visits that contains a video element. GhostPlayer cannot know in advance which sites the user will watch video on, so it must be able to run on all URLs. The content script only activates when a qualifying video element is present — it does not read, scrape, or transmit any page content.

Third Parties

GhostPlayer does not share any data with third parties — because it collects no data to share. There are no analytics providers, advertising networks, or data brokers involved.

Children's Privacy

GhostPlayer does not knowingly collect any information from anyone, including children under 13.

Changes to This Policy

If this policy changes, the updated version will be published here and reflected in the Chrome Web Store listing. The "Last updated" date at the top will reflect any changes.

Contact

Questions about this privacy policy? Email rjsgmlcho@proton.me.

GhostPlayer: Stealth Video Overlay