Privacy Policy - Secure Password Manager Extension

1. Introduction

This Privacy Policy describes how the Secure Password Manager Chrome extension ("we," "our," or "us") collects, uses, and protects your information when you use our browser extension. We are committed to protecting your privacy and ensuring the security of your sensitive data.

2. What Data We Collect

Our extension collects the following types of data:

2.1 Authentication Information

• Encrypted Passwords: Your website passwords are encrypted using AES encryption before storage
• Master Password Hash: A secure hash of your master password for authentication
• Login Credentials: Usernames and encrypted passwords for websites you choose to save

2.2 Website Content

• Form Detection: We analyze webpage content to identify login forms
• Domain Information: Website URLs where you've saved passwords

2.3 Extension Settings

• User Preferences: Auto-lock settings, notification preferences, and display options
• Security Settings: Timeout configurations and security parameters

3. How We Use Your Data

We use your data exclusively for the following purposes:

• Password Management: Storing, retrieving, and auto-filling your saved passwords
• Security Features: Implementing auto-lock, master password verification, and security notifications
• User Experience: Providing password generation, search functionality, and organizational features
• Form Detection: Identifying login forms to offer password auto-fill suggestions

4. Data Storage and Security

4.1 Local Storage

All your data is stored locally on your device using Chrome's built-in storage API. We do not transmit any data to external servers or cloud services.

4.2 Encryption

Your sensitive data is protected with industry-standard AES encryption. Your master password is never stored in plain text - only a secure hash is maintained for verification purposes.

4.3 Data Location

Your data is stored in your Chrome browser's local storage, which is located in your Chrome profile directory. This data is only accessible by the extension and cannot be accessed by other applications or websites.

5. Data Sharing and Third Parties

We do not:

• Sell, rent, or trade your personal data to third parties
• Share your data with advertising companies or marketing firms
• Use your data for purposes unrelated to password management
• Transfer your data to determine creditworthiness or for lending purposes
• Access your data for any purpose other than providing password management services

6. Permissions and Access

Our extension requests the following permissions to function properly:

6.1 Required Permissions

• Storage: To save encrypted passwords and settings locally
• ActiveTab: To access the current tab for password auto-fill
• Tabs: To communicate with tabs for form detection and auto-fill
• Notifications: To alert you about security events and important updates

6.2 Host Permissions

We request access to all websites (``) to detect login forms and provide password auto-fill functionality across the web. This is essential for our core password management features.

7. Data Retention and Deletion

Your data is retained as long as you use the extension. You can delete your data at any time by:

• Uninstalling the extension (this removes all stored data)
• Using the extension's built-in data export/clear functions
• Clearing your browser's extension data

8. Children's Privacy

Our extension is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date at the top of this policy. Your continued use of the extension after any changes constitutes acceptance of the updated policy.

10. Your Rights and Choices

You have the right to:

• Access all data stored by the extension
• Export your data in a readable format
• Delete specific passwords or all data
• Disable specific features or permissions
• Uninstall the extension at any time

11. Security Measures

We implement several security measures to protect your data:

• Local Storage: All data remains on your device
• AES Encryption: Industry-standard encryption for sensitive data
• Master Password Protection: Additional layer of security
• Auto-lock Feature: Automatic session timeout for security
• No External Transmission: Data never leaves your device

12. Contact Information

13. Compliance

This extension complies with:

• Chrome Web Store Developer Program Policies
• General Data Protection Regulation (GDPR) principles
• California Consumer Privacy Act (CCPA) requirements
• Industry best practices for password management