Last updated: April 19, 2026
R-Data is a diagram migration platform consisting of a Chrome Extension, a web backend, and a FigJam plugin. R-Data extracts structured data from visual document platforms (Lucidchart, Lucidspark, Miro, and FigJam) and migrates it between platforms — or exports it as a portable ZIP archive. The extraction happens in the user's own browser using their existing platform sessions.
Supported migration routes: Miro to FigJam, Lucidchart to FigJam, Lucidspark to FigJam, Lucidchart to Miro, FigJam to Miro, and ZIP export from any source.
R-Data accesses document data from source platforms via the user's own browser session or OAuth authorization. The Chrome Extension makes HTTP requests using cookies already present in the user's browser. We access:
For Lucidchart, data is accessed via the user's browser cookies on lucid.app domains.
For Figma/FigJam, data is accessed either via Figma OAuth 2.0 authorization or via the user's existing Figma browser session (cookie-based auto-detection).
For Miro, data is accessed via Miro OAuth 2.0 authorization.
For the optional Permissions migration feature, the extension reads account directory data from your Lucid account via users.lucid.app: the email addresses, roles, and group memberships of other members of your Lucid account. This data is sent to R-Data servers solely to match those emails against Miro board invitees and apply equivalent permission levels on the destination board. It is stored under the same 7-day retention as other job data and is used for no other purpose. This feature runs only when you explicitly start it from the Permissions view — it does not run during normal document extraction or migration.
Extracted document data is transmitted from the Chrome Extension to R-Data servers over HTTPS for processing. This includes:
All extracted document data is stored with a 7-day TTL and is automatically deleted after that period. Job metadata (completion status, timestamps) is retained for 30 days.
Images extracted from source documents may be temporarily stored on Vercel Blob Storage for the duration of the migration, then deleted with the rest of the job data.
If you choose to migrate documents to or from Miro, R-Data uses OAuth 2.0 to connect to your Miro account. Miro OAuth tokens are stored server-side, encrypted, and scoped to the minimum required permissions (board creation and reading). Tokens can be revoked at any time from your Miro account settings.
R-Data interacts with Figma/FigJam through two mechanisms:
R-Data user accounts store your email address and a bcrypt-hashed password. We do not store passwords in plaintext. Session tokens are issued as httpOnly, secure cookies and as Bearer tokens for extension use.
Payments are processed by Stripe. R-Data never sees, stores, or transmits your full credit card number. Stripe handles all payment data in compliance with PCI DSS standards.
The R-Data Chrome Extension requests the following permissions:
The extension does not use content scripts, does not inject code into web pages, does not access your browsing history, and cannot read data from any website outside the platforms listed above.
The R-Data FigJam plugin runs in Figma's plugin sandbox with network access limited to:
The plugin cannot access any other network resources, cannot read other FigJam files, and cannot modify files you have not explicitly opened with the plugin.
R-Data is distributed through the Chrome Web Store. Our use of information received from Google APIs, and from any OAuth-authenticated service surfaced through the extension (Figma, Miro), adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements.
R-Data's use of information received from Google APIs (and analogous OAuth providers) complies with the Chrome Web Store User Data Policy, including the Limited Use requirements. User data is used only to provide and improve the user-facing features of R-Data. It is not transferred except as necessary to provide those features. It is not used for advertising. It is not read by humans except with your explicit consent or for security and debugging in response to a specific support request you initiate.
The extension reads board data from the diagramming platforms you are already logged into. It uses your authenticated browser session (cookies scoped to Lucidchart domains) and OAuth-granted access tokens (for Miro and Figma) to retrieve the content of boards you explicitly select for extraction. The extension does not read other tabs, other websites, your browsing history, or stored credentials.
Board data is parsed locally in your browser. For ZIP export, the data never leaves your machine. For platform-to-platform routes (Miro destination or FigJam destination), the transformed payload passes through our processing server solely to call the target platform's API, and is deleted from our systems on a 7-day retention cycle. We do not sell user data. We do not use it to train machine-learning models. We do not share it with third parties beyond the target platform you selected.
The extension requests the minimum permissions required to function: cookie access for session detection on lucid.app domains; storage for local state (queued extractions, preferences); alarms and notifications for completion events. Host permissions are scoped to Lucid (for Lucidchart and Lucidspark), Figma (for FigJam session detection), and the R-Data backend at r-data.co (which handles all Miro API communication on behalf of the user). No broader access (all URLs, all tabs, browsing history, stored passwords) is requested or available.
You can revoke R-Data's access at any time. Remove the extension from Chrome via chrome://extensions and it stops reading data immediately. For OAuth-based connections, revoke the R-Data app in your Miro (Miro app settings) or Figma (Figma settings) account. Extraction data already on our server is purged on the 7-day retention cycle regardless of whether you have revoked access.
You may request deletion of your account and all associated data at any time by contacting nate@builtbyape.com. Extracted document data is automatically purged after 7 days regardless. OAuth tokens for Miro and Figma can be revoked independently from those platforms' account settings.
For questions about this privacy policy, contact nate@builtbyape.com.