Last Updated: January 16, 2026
Version: 1.0.0
Extension: Trust Shield Official (Phishing & Scam Protection)

Overview

Trust Shield Official ("Trust Shield", "we", "our") is committed to protecting your privacy. This privacy policy explains how our browser extension handles your data.

Data Collection

What We DO NOT Collect

Trust Shield does not:

• ❌ Collect your browsing history
• ❌ Track which websites you visit
• ❌ Transmit browsing content or URLs to external servers
• ❌ Store personally identifiable information (PII)
• ❌ Monitor your keystrokes or form inputs
• ❌ Access your passwords or credentials
• ❌ Share data with third parties (no data selling or sharing)
• ❌ Inject ads or affiliate links
• ❌ Use third-party analytics (unless you enable optional telemetry)

What We DO Store Locally

Trust Shield stores the following data only on your device (Chrome Storage API):

1. Extension Settings

• Data: Protection level (Low/Medium/High), Safe Mode toggle
• Purpose: Remember your preferences
• Location: Chrome Sync Storage (syncs across your Chrome devices)
• Size: < 1 KB

2. Trusted Sites List (Allowlist)

• Data: Domains you manually marked as "trusted"
• Purpose: Skip analysis on sites you trust
• Location: IndexedDB (local only)
• Size: < 100 KB

3. Threat Intelligence Database

• Data: Hashed known phishing domains (from public threat feeds)
• Purpose: Check if current site is known malicious
• Location: IndexedDB (local only)
• Size: ~10 MB
• Update Frequency: Once per day
• Network Activity: Extension downloads threat intelligence bundles (one-way download, no user data sent)

How We Use Stored Data

All data processing happens locally in your browser:

1. URL Analysis: Current page URL checked against local threat database (hashes only). Domain analyzed for suspicious patterns. No URLs sent to external servers.
2. Page Content Analysis: Content script analyzes HTML/CSS/JavaScript locally. Detects common phishing indicators. No page content sent to external servers.
3. Redirect Tracking: Browser navigation events captured to analyze redirect chains. No tracking data stored permanently.
4. Threat Intelligence Updates: Daily download of threat intelligence bundles from public sources. Downloads are one-way (extension receives updates, sends no data).

Permissions Explained

Required Permissions

• storage: Save your settings and trusted sites list (data never leaves your device)
• tabs: Get current tab URL to analyze (no browsing history stored)
• webNavigation: Track redirect chains (temporary tracking only)
• alarms: Schedule daily threat intelligence updates
• scripting: Inject content script to analyze page (only on sites you grant access)

Optional Permissions

optional_host_permissions: Analyze websites for phishing indicators. You can choose between "Ask for each site" (recommended) or "Protect all sites". You can revoke permission anytime.

Data Sharing

Trust Shield does not share your data with anyone:

• No browsing data collected: We don't collect your browsing history, URLs visited, or page content
• No personal data collected: No PII, credentials, or user-specific information collected
• No data selling: We never sell or share any data with third parties
• No advertising networks: No ad networks or tracking pixels
• Optional telemetry only: If you enable telemetry (disabled by default), only anonymized, privacy-safe events are sent

Third-Party Services

Threat Intelligence Updates (Automatic)

What: Daily downloads of threat intelligence bundles from public sources
Data Sent: None (one-way download only)
Privacy: No user data, URLs, or browsing history transmitted

Optional Telemetry (Disabled by Default)

What: Privacy-safe usage statistics (if you enable it)
Default: OFF (requires your consent)
Data Sent: Anonymized event counts only
Data NOT Sent: No URLs, no page content, no personal information

No Other Third-Party Services: No Google Analytics, no error tracking services, no advertising networks, no social media integrations.

Data Security

How We Protect Your Data

1. No Browsing Data Transmitted: Your browsing history, URLs, and page content never leave your device
2. Local Processing: All phishing analysis happens in-browser
3. Limited Network Activity: Only threat intelligence downloads (one-way) and optional telemetry (if you enable it)
4. HTTPS Only: All network requests use secure HTTPS connections
5. Permissions Control: You control which sites extension can access
6. Open Source: Code is auditable (no hidden backdoors)
7. Telemetry Opt-In: Telemetry disabled by default, requires your explicit consent

Your Privacy Rights

You Can:

• ✅ Control Permissions: Choose which sites Trust Shield can access and revoke permissions anytime
• ✅ Delete Your Data: Clear settings, trusted sites, or uninstall the extension
• ✅ Audit Our Code: Source code available on GitHub (no obfuscation)
• ✅ Disable Features: Safe Mode or reduce protection level as needed

Children's Privacy

Trust Shield does not knowingly collect data from children under 13. Since we collect no data at all, there is no risk of COPPA violations.

International Users

Trust Shield works globally without modification. Since we collect no personal data, process all data locally, and transmit nothing to servers, we comply with privacy regulations worldwide, including:

• GDPR (Europe): No personal data processing
• CCPA (California): No data selling or sharing
• PIPEDA (Canada): No data collection
• Privacy Act (Australia): No data disclosure

Contact Information

If you have questions about this privacy policy or Trust Shield's data practices:

Email: admin@agsaconsulting.com.au
GitHub: https://github.com/arunkgopal78/AGSA_Trust_Shield
Response Time: We aim to respond within 7 business days.

Privacy Policy Summary (TL;DR)

Acceptance: By installing Trust Shield Official, you accept this privacy policy.