Privacy Policy for Quiet Security Assistant

Last Updated: January 2025

1. Data Collection

This extension operates on a "Local-First" architecture. It does not transmit your emails, passwords, form data, or browsing history to any external server, cloud database, or third-party analytics service.

2. Local Storage

The following data is stored locally on your device (using chrome.storage.local) solely to provide functionality:
* Whitelisted Domains: Domains you explicitly mark as safe.
* Incident Logs: A history of flagged alerts (metadata only, e.g., "Suspicious link detected on example.com"). This allows the dashboard to show you a summary of prevented attacks.
* Extension Settings: Your preferences (e.g., if the extension is paused).

3. Passwords & Credentials

This extension includes a "Protector" feature that detects when a password field is present on a potentially malicious site to warn you.
* It does NOT read, store, or transmit your actual password.
* It only detects the presence of the field and whether a submission event occurred.

4. Permissions

• Read your email (Gmail): Required to scan incoming emails for phishing indicators (urgency, IP links, etc.) within your browser.
• Web Navigation: Required to track redirect chains (e.g., clicking a link in an email that redirects through multiple sites) to detect cloaked attacks.

5. Contact

If you have questions about this policy, please contact the developer via the support link on the Chrome Web Store.