Privacy Policy

What ExtensionAudit does

ExtensionAudit is a Chrome extension that reads the list of extensions installed in your browser (via Chrome’s management API) and assesses each one for risk — known malware, over-broad permissions, and removed or community-flagged listings. The permission analysis runs locally in your browser.

What we collect

• Extension identifiers. When you run a scan, the IDs of your installed extensions are sent to our API to look them up against malware/risk databases and to fetch public Chrome Web Store information. Extension IDs are public identifiers, not personal data.
• Anonymous client ID. A random identifier is generated and stored locally in your browser. It contains no personal information and is not linked to your identity, account, or IP.
• Opt-in shared data.Only if you explicitly enable “Share anonymously,” we store which extension IDs your anonymous client has (and whether you removed them) to compute aggregate community statistics (e.g. “% of users who removed this extension”). Sharing is off by default.

What we do NOT collect

We do not collect your name, email, browsing history, page content, cookies, passwords, or the contents of any extension. We do not track you across websites. We do not sell or share data with third parties for advertising.

How we use it

Solely to provide the audit (look up risk for the extensions you have) and, for opted-in users, to produce anonymous, aggregate rankings of risky extensions. We never use it to identify you.

Data retention & control

Turning off “Share anonymously” stops further sharing. You can clear the extension’s local storage at any time to reset your anonymous client ID. To request deletion of any data associated with your anonymous ID, contact us.

Contact

Questions or deletion requests: [your-contact-email]