TouchLock Privacy Policy

TouchLock does not collect, transmit, or share any personal data with external servers or third parties.

All authentication data — including hashed PINs, WebAuthn credential IDs, and security question answers — is stored locally on your device using the browser's built-in storage API (browser.storage.local). Data never leaves your browser.

The optional "Request a Feature" form in Settings allows you to voluntarily submit feedback via EmailJS. If you choose to use this form, only the information you explicitly enter (email, category, message) is transmitted. This is entirely optional and user-initiated.

Permissions used:

storage – Save encrypted credentials and settings locally
tabs – Manage lock screen tabs and enforce profile-level lock
scripting – Inject lock overlay on web pages
idle – Detect inactivity for auto-lock feature
<all_urls> – Apply lock overlay to all open pages
No analytics, tracking, or telemetry is included.