# Privacy Policy for Privacy Extension **Last updated: March 31, 2025** Privacy Extension is a browser extension designed to assist users in generating and managing data for Zero-Knowledge Proof-based transactions. This document outlines how user data is handled and what permissions the extension requests. --- ## 🔐 Data Usage We **do not collect, store, or transmit any personal information or sensitive data** to our servers or third parties. All cryptographic operations are executed **locally in your browser**, using your encrypted wallet data. --- ## 🔑 Permissions Requested The extension requests the following Chrome permissions: ### 1. `offscreen` - **Why:** To securely generate SNARK proofs using Noir and Garaga in an isolated offscreen context. - **How it's used:** The offscreen document loads circuit files and performs proof computation in background without interfering with the visible UI. ### 2. `scripting` - **Why:** Required to inject the `window.privacy` API into webpages. - **How it's used:** Enables frontend apps to communicate with the extension securely. ### 3. `storage` - **Why:** To store user preferences and encrypted wallet data (e.g., seed phrase) locally. - **How it's used:** Data is encrypted with a password and stored using `chrome.storage.local`. ### 4. **Remote Code** - **Why:** The extension fetches cryptographic circuit files (e.g., Noir bytecode and verifying keys) from a trusted GitHub repository. - **How it's used:** These files are static and only used to generate ZK proofs dynamically. No executable JavaScript code is loaded from remote sources. ### 5. **Host Permissions** - The extension may request access to certain origins in order to respond to page-level requests (e.g., `https://your-app.com/*`) if injected into web applications. - This is required for proper communication between the extension and third-party apps. --- ## 🚫 No Tracking This extension does **not** use analytics, cookies, or trackers of any kind. --- ## 📬 Contact If you have questions or concerns about this privacy policy, contact us at: **Email:** `uaciasdev@gmail.com` --- ## 📌 Summary - All computations happen locally. - No personal or sensitive data is collected. - Minimal permissions are requested strictly for core functionality.