Privacy Policy

Your privacy is our No.1 priority.

Effective Date: March 8, 2026 · Last Updated: March 21, 2026

Strict Zero-Data Guarantee

Your data is NOT passing through any AegisVectro servers to store or collect your data. We do not save, store, or view your data. We literally cannot see your data. The data is processed instantaneously without saving, and there is no mediator in between.

The only external connection is directly between your browser and Google Gemini models. You can turn this off entirely, or customize exactly what context data you share directly within the extension's settings menu.

AegisVectro is now fully open source. You can verify these claims yourself by inspecting the complete source code on GitHub.

1. Introduction

AegisVectro Labs ("we", "our", or "us") provides the AegisVectro browser extension to enhance your web security. AegisVectro is now fully open source — you can inspect the complete source code on GitHub. We are committed to absolute transparency regarding your data. This policy outlines exactly what data is collected, how it is processed locally, and the strictly limited circumstances under which it interacts with APIs.

2. Data Collection and Usage

The extension processes specific data points locally to function. Below is a detailed breakdown of the data types we handle. All data processing is limited strictly to the functionality of the extension’s core security features.

Data Type	Storage Location	Purpose & Usage
Page Text & HTML Content	Never Stored	Analyzed locally or sent to the AI API (only if you enable AI features) to detect phishing, scams, and dark patterns. It is discarded immediately after analysis.
Current URL	Never Stored	Analyzed to check for deceptive domains, homograph attacks, and mismatching structures.
User API Key (Optional)	Local Device Only	If you choose to use the AI features, your personal Gemini API key is encrypted and stored locally in your browser (`chrome.storage.local`). It is never sent to our servers.
Extension Settings	Local Device Only	Preferences like Dark Mode, Auto-Scan, Auto-Cookie Rejecter, and Engine Sensitivity are saved locally on your machine.
Extension Context (Optional)	Only if "Share Context" is enabled	If you enable "Share Context with AI", the extension temporarily shares session telemetry (number of blocked trackers, popups, and cookies rejected on the current page) with the AI to provide you with more context-aware answers in the chat.
Visual Screen Capture	Never Stored	Only captured when you explicitly click "Capture & Analyze" in the Vision Guard feature. The image is analyzed in memory for phishing visual mimics and immediately discarded.

3. What We Do NOT Collect

We believe in privacy by design. AegisVectro deliberately lacks the capability to track you.

No Browsing History We do not log or track the websites you visit.

No Personal Data No names, emails, or account details are collected.

No Analytics Tracking No telemetry tools (like Google Analytics) track your usage.

No Form Data Passwords and inputs are ignored during scans.

4. Permissions Justification & Browser Warnings

Browser Installation Warning Explained

If you see a warning from your browser stating that this extension can "read and change all your data on all websites" or "view your browsing history", please do not be alarmed.

This is a generic technical warning required by browsers. It is purely there because the extension needs permission to check the integrity of the URL you are currently visiting and to scan the text on the page for threats. We do not use this permission to track your history or harvest data.

Specific permissions we request:

activeTab: Required to read the URL, text content, and DOM structure of the tab you are currently viewing when a scan is initiated.
storage: Required to save your settings (e.g., Theme, Auto-scan preference) and your API Key securely on your local device.
declarativeNetRequest: Required for the Tracker Radar and Ad Blocker engines to intercept and block known malicious tracking scripts or spam domains without reading your actual network traffic content.
declarativeNetRequestFeedback: Required to provide real-time feedback on which network requests were blocked by the Tracker Radar, allowing the extension to display accurate blocked tracker counts in the popup dashboard.
host_permissions (all URLs): Required so the content script can run on any website you visit to perform security analysis. Without this, the extension cannot scan pages for threats.

5. Third-Party Integrations (Google Gemini Models)

If you optionally configure AegisVectro to use AI analysis, the extension connects directly to Google's Generative AI API.

Google Gemini Models

When an AI scan is triggered, the page text or visual capture is securely transmitted directly to generativelanguage.googleapis.com via your personal API key.

Data Handling: According to Google's API policies, data sent through API keys is not used to train their models.

Direct Connection: The request goes directly from your browser to Google. It does not route through AegisVectro servers.

AegisVectro Labs does not have access to or store any data transmitted directly to Google via your API key.

6. Data Retention & Storage

AegisVectro stores the following data exclusively in chrome.storage.local on your device. No data is ever transmitted to AegisVectro servers.

Settings & Preferences: Theme, auto-scan toggle, link safety toggle, ad blocker toggle, popup blocker toggle, auto-cookie rejecter toggle, AI context sharing toggle, engine sensitivity level, language preference, and engine choice. Retained until you change them or uninstall the extension.
API Key (Optional): Your personal Gemini API key, stored locally. Retained until you remove it from settings or uninstall.
Last Scan Result: The most recent scan result and URL are cached locally to avoid redundant scans. Overwritten on each new scan.
Whitelist & Blacklist: User-defined domain lists stored locally for custom security rules.

Transient data (page text, screenshots, URL analysis) is processed entirely in memory and discarded immediately after analysis. It is never written to disk or persistent storage.

7. Data Security

All data processing occurs locally within your browser's sandboxed extension environment. When AI features are enabled, data is transmitted directly from your browser to Google's API endpoints over HTTPS/TLS encryption. AegisVectro does not operate any intermediary servers, proxies, or data collection endpoints.

8. User Control & Rights

You have full, granular control over your data:

Disable AI features entirely from the extension's settings panel.
Toggle individual features on/off: Auto-Scan, Link Safety, Ad Blocker, Pop-up Blocker, Auto-Cookie Rejecter, and AI Context Sharing.
Remove your API key at any time from Settings.
Clear all stored data by uninstalling the extension. All chrome.storage.local data is permanently deleted on uninstall.
Inspect the source code on GitHub to verify all data handling claims.

9. Children's Privacy

AegisVectro is not directed to children under the age of 13. We do not knowingly collect personal information from children. Since the extension collects no personal data from any user, there is no risk of inadvertent collection from minors.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal and regulatory reasons. Any changes will be posted on this page with an updated "Last Updated" date. We encourage users to review this policy periodically. Continued use of the extension after changes constitutes acceptance of the revised policy.

11. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us:

Email: support@aegisvectro.com

AegisVectro Labs
https://aegisvectro.com