AegisPrompt

← Back to home

AegisPrompt Scanner Privacy Policy

Effective Date: April 24, 2026

🔒 The short version

AegisPrompt Scanner is a free Chrome extension that passively counts sensitive data patterns (emails, phone numbers, SSNs, credit cards, API keys, and similar) in text you submit to AI chat platforms. Everything happens on your device. There is no backend, no account, no signup, and no network traffic — we cannot see your prompts or your detection counts because the extension has no servers to send them to.

This policy applies only to AegisPrompt Scanner, the free Chrome extension. AegisPrompt for Teams (the paid enterprise product) is a separate product with different data practices — see the AegisPrompt for Teams privacy policy for details.

What the extension does

When you install AegisPrompt Scanner, it runs in the background on five supported AI platforms:

  • ChatGPT (chat.openai.com, chatgpt.com)
  • Claude (claude.ai)
  • Microsoft Copilot (copilot.microsoft.com, m365.cloud.microsoft)
  • Google Gemini (gemini.google.com, bard.google.com)
  • Perplexity (perplexity.ai)

When you submit a prompt on one of these platforms, the extension scans the text you submitted against patterns for common types of sensitive data. If matches are found, a count is incremented locally and a small number badge appears on the extension icon. Clicking the icon shows a report of cumulative matches.

Data the extension processes

Processed momentarily (not stored)

The text you submit to supported AI platforms. The extension reads this text solely to run pattern-matching locally at the moment of submission. The text itself is never retained, copied, logged, transmitted, or written to disk.

Stored locally on your device

Aggregate counts of matches, grouped by data type and AI platform — for example: { "email": 23, "api_key": 7, "chatgpt": 28, ... }. These counts are stored in chrome.storage.local, a local-only browser storage mechanism tied to the extension on your device.

Not processed, not stored, not transmitted

  • AI platform responses (the replies from ChatGPT, Claude, etc.)
  • Your email, name, account, or any identifying information
  • Your IP address
  • Your browsing history outside the five supported platforms
  • Any content on any website other than the supported AI platforms

Data that leaves your device

⚠️ None. Ever.

The extension has no backend. It has no server. It makes no network requests of any kind — not on install, not on use, not on uninstall. You can verify this by inspecting the extension's code (available via the Chrome Web Store's "View source" option) or by monitoring network traffic in Chrome DevTools while using it.

There is no user account, no signup, and no login. The extension cannot associate any activity with a specific person or device because it collects no identifying information and transmits nothing.

Chrome permissions the extension requests

  • storage: to save aggregate match counts locally via chrome.storage.local. No remote storage or sync.
  • Host permissions for the five AI platforms: so the extension can observe text submitted on those specific sites. It does not run on any other websites.

The extension does not request activeTab, scripting, notifications, identity, cookies, history, or any other sensitive permissions.

Data retention and deletion

Because the only stored data is local aggregate counts on your own device, you have complete control:

  • See what's stored: Click the extension icon. The popup shows everything the extension knows.
  • Reset counts: Click the extension icon, open the three-dot menu in the top right, and choose "Reset all data."
  • Delete everything: Uninstall the extension from chrome://extensions. All data is removed automatically.

Third parties

AegisPrompt Scanner uses no third-party services, analytics tools, error reporters, or advertising networks. We do not embed any third-party code. We do not share any data with anyone, because we have no data to share.

This is intentionally different from AegisPrompt for Teams, which uses third-party providers for authentication, payment processing, and infrastructure. The Scanner deliberately ships without any of those so it can make this simple claim.

Cookies and tracking

The extension does not use cookies or cross-site tracking. The aegisprompt.ai marketing website may use cookies for website preferences and analytics, controllable through your browser settings.

Children's privacy

Our extension is not intended for children under 13. We do not knowingly collect personal data from minors, though in practice the extension collects no personal data from anyone.

Your rights

Your rights include:

  • Access: Everything the extension knows is visible in the popup.
  • Correction: We have no record of you to correct.
  • Deletion: Reset via popup menu, or uninstall the extension.
  • Portability: Because detection data never leaves your device, data portability is self-serve.
  • Full control: Disable or uninstall at any time from chrome://extensions.

GDPR and CCPA compliance

Because the Scanner does not collect, process, or transfer personal data — it performs only local, in-memory pattern matching and stores aggregate counts on the user's own device — there is no data subject to GDPR, CCPA, or similar data-protection regimes. If you believe the extension is processing your data in a way this policy does not disclose, please contact us immediately.

International users

All extension processing happens locally in your browser on your device. No data is transferred internationally because no data is transferred at all.

Changes to this policy

If we materially change how the extension handles data, we'll update this page and the effective date above. Because the extension does not authenticate or communicate with us, we have no way to notify individual users directly. Users are encouraged to re-read this policy when the extension updates.

Relationship to AegisPrompt for Teams

AegisPrompt offers a separate paid product, AegisPrompt for Teams, which has different privacy practices (it includes authentication via Auth0, payment processing via Stripe, an admin dashboard, and aggregate reporting for companies that deploy it). AegisPrompt for Teams has its own privacy policy at aegisprompt.ai/privacy.

AegisPrompt Scanner is a distinct free product and shares no infrastructure, accounts, or data with AegisPrompt for Teams.

Contact information

Questions about this policy or the extension: fgoldin@aegisprompt.ai

Response Time: We aim to respond within 48 hours.

Disclaimer: This privacy policy is provided for informational purposes and is not legal advice. You should consult a qualified attorney to ensure compliance with applicable laws and regulations.