The short version
- Everything happens on your device — there is no Otto server.
- Otto reads the verification email, fills in the code, then moves that email to your Trash — only while you are signing in.
- Nothing is stored on the internet, sold, or used to train AI.
- You can revoke access in one click, anytime.
What Otto can access
Otto connects to the inbox providers you choose — Gmail and Outlook/Hotmail — using each one's official sign-in. You can link up to five inboxes at once. For each, Otto requests permission to read and tidy mail:
- Gmail: https://www.googleapis.com/auth/gmail.modify
- Microsoft (Outlook/Hotmail): Mail.ReadWrite
Otto uses these to read the message that contains your verification code and, once the code has been read, to move that email to your Trash. You can switch this tidy-up off in Settings. Otto never sends email as you, and Trashed mail stays recoverable in your account.
What Otto does with it
Strictly one thing: find your 2FA code and fill it in. That means:
- No advertising, ever.
- No training of AI or machine-learning models.
- No human reading your email — extraction is automatic code running in your browser.
Where your data lives
On your computer, in your copy of Chrome. Otto has no database and no backend.
- Your emails, codes, and login token are never sent to a developer server.
- Your data is never shared, sold, or transferred to anyone.
- Recent codes are kept only in your browser's local storage, and you can clear them anytime.
Data security
We take reasonable measures to keep your information safe:
- All communication with each provider's mail API happens over encrypted HTTPS/TLS, so your data is protected in transit.
- Your verification codes and login token are stored securely on your local device, inside Chrome's protected extension storage — never on any external server.
- Because there is no backend, there is no central database that could be breached or leaked.
Data retention & deletion
Otto keeps data only as long as it is needed to do its job, and no longer:
- A verification code is read and used immediately; the email it came from is then moved to your Trash (recoverable in your account, and you can switch this off in Settings). Only a short local history of recent codes is kept so you can copy them again, and you can clear it any time with "Delete history".
- Your access is held as a temporary token in local storage. When you log out, the token and stored account details are deleted right away.
- When you uninstall the extension, Chrome removes all of Otto's local data automatically, and its access to your account ends.
Google API compliance
Otto's use of information from Google APIs follows the Google API Services User Data Policy, including the Limited Use requirements.
Staying in control
You can cut off Otto's access whenever you like from the connected-apps settings of your account, for example your Google or Microsoft account. Uninstalling the extension removes its access and deletes all of its local data too.
Questions?
Email the developer directly at [email protected].