Last updated: 2026-06-26
Safe Privacy Mask ("the extension") detects strings that look like personal or confidential information in input fields — on AI chat sites and on fields you register yourself — and masks (replaces) them on your device before you send. This policy explains exactly what the extension does and does not do with your data.
chrome.storage.local.| Data | Why | Where it goes |
|---|---|---|
| Text in targeted input fields (AI chat fields and fields you register) | Inspected against your enabled presets and rules, then masked — sensitive substrings are replaced — as you type, paste, leave a field, or just before sending | Processed in the page on your device. The masked value stays in the field so you send the masked text. The extension never stores it and never transmits it |
| Your settings (registered fields, replacement rules, categories, detection presets, per-site scope, trusted sites, options) | To apply your configuration | Stored on your device via chrome.storage.local only |
The extension does not collect: browsing history, cookies, credentials, file contents, location, analytics, telemetry, or any personally identifiable information for its own use. The field text it reads is used solely, in the moment, to apply your masking rules, and is then discarded.
storage — to save your settings on your device.scripting — to apply the extension's content script to
sites you have granted access to (see site access below).<all_urls>) — on any other site,
the extension acts only after you explicitly grant access on a user
gesture (for example, when you register a target field). This is an optional permission you
grant yourself — not forced by an organization or administrator — and you can revoke it at
any time. You can also add a site to Trusted sites, where the extension
does nothing at all.There are no network-related permissions and no remote code: the extension cannot and does not send anything anywhere. Regular expressions you write are evaluated locally (in a sandboxed Web Worker built from code bundled in the extension).
We receive no data, so there is nothing to share, sell, or retain. We do not use or transfer
any data for purposes unrelated to the extension's single purpose, and we do not use it for
advertising. To delete your settings, remove the extension or clear its storage from
chrome://extensions. You can also export or delete settings from the options page.
The extension is not directed at children and does not knowingly collect data from anyone.
Masking is a best-effort aid. It cannot detect every kind of sensitive information and does not guarantee that leakage is fully prevented. Always review what you are about to send.
If this policy changes, the "Last updated" date above will change and the new version will be published at this URL.
Questions about this policy: please open an issue at github.com/k-wada-dev-studio/privacy-policy/issues.