Back to Techzick CyberShield Security

Privacy Policy

CyberShield Security is a browser extension designed to help users identify phishing risks, malicious URLs, suspicious downloads, scam content, unsafe prompts, and other security threats while browsing. This Privacy Policy explains what information the extension processes, how that information is used, and the choices available to users.

Effective date [DATE]
Publisher [YOUR NAME / COMPANY NAME]
Contact [SUPPORT EMAIL]
Website [YOUR WEBSITE OR SUPPORT PAGE]

1. Information We Process

CyberShield Security may process the following categories of information in order to provide its security features:

  • Browsing and page data: The extension may inspect the current page URL, domain, page title, visible page text, search results, links, and other page-level content needed to evaluate site reputation, phishing risk, scam indicators, and content trust.
  • User-provided text and prompt content: On supported AI websites and other monitored pages, the extension may analyze text entered by the user, pasted content, or visible prompt content in order to detect prompt injection attempts, accidental disclosure of secrets, or other security risks.
  • Clipboard and input safety signals: When enabled by the extension’s protection features, the extension may inspect pasted text or typed input locally to detect exposed secrets, tokens, keys, or credentials. Where possible, sensitive values are masked before being sent outside the page context.
  • URL and download metadata: The extension may process URLs, domains, filenames, and download source links to assess whether a page or file appears unsafe.
  • Monitored email addresses: If a user chooses to enable breach monitoring and adds email addresses for monitoring, those email addresses may be processed to check whether they have appeared in known data breaches.
  • Extension settings and preferences: The extension stores user preferences locally in the browser, such as enabled protections, safe domains, monitored email addresses, and other configuration settings.
  • Device or local service connection details: If the user enables the optional local backend or local LLM features, the extension may communicate with a locally running service, such as http://127.0.0.1:8001 or http://localhost:8001, to perform analysis on the user’s own device or local network environment.

2. How We Use Information

We use processed information only to provide the extension’s security features, including:

  • Detecting phishing, scam, and malicious websites.
  • Evaluating links, domains, and page reputation.
  • Assessing download risk.
  • Detecting prompt injection and unsafe AI interactions.
  • Detecting accidental exposure of secrets or credentials.
  • Providing optional breach monitoring alerts.
  • Displaying security warnings, trust scores, and user-facing diagnostics.
  • Improving reliability and security of the extension.

We do not use user data for advertising.

3. Where Processing Happens

CyberShield Security is designed to perform as much analysis as possible locally in the browser or through a local backend running on the user’s machine.

Depending on which features are enabled and available, data may be processed in the following ways:

  • In-browser local analysis: Some checks are performed entirely within the browser using built-in or bundled models and rules.
  • Local backend analysis: If the user has installed and enabled the optional local backend, certain analysis requests may be sent to that local service on the user’s device.
  • External threat intelligence lookups: For some threat checks, the extension may send URLs, domains, or related metadata to third-party threat intelligence services or to the configured backend so that those services can evaluate the resource.

Based on the current extension behavior, external requests may include:

  • URLhaus at https://urlhaus-api.abuse.ch/
  • Any analysis endpoints configured through the local or self-hosted backend.
  • Any third-party services used by that backend, if applicable.

If you operate a hosted backend instead of only a local backend, you should name it here and disclose what data it receives.

4. Data Sharing

We do not sell personal information.

We may share limited data only as necessary to provide security checks, including:

  • URLs or domains submitted for phishing or malware evaluation.
  • Email addresses submitted by the user for breach monitoring.
  • Limited text or page content submitted to the local or configured backend for security analysis.
  • Masked security-event data generated by secret exposure detection.

We do not share user data with data brokers or advertisers.

5. Data Storage and Retention

CyberShield Security stores certain settings and user configuration data locally in the browser, such as:

  • Protection settings.
  • Safe domain preferences.
  • Monitored email addresses.
  • Cached reputation or diagnostic data.
  • Other extension preferences.

Retention depends on the user’s browser storage and configuration. Data remains until it expires, is overwritten, or is removed by the user or by uninstalling the extension.

If you run a backend service, add a short statement here describing:

  • What server logs you keep.
  • How long they are retained.
  • Whether submitted URLs, prompts, or emails are stored.

6. User Controls

Users can control how the extension works by:

  • Enabling or disabling features in the extension settings.
  • Adding or removing monitored email addresses.
  • Adding or removing safe domains or custom preferences.
  • Uninstalling the extension at any time.
  • Clearing browser extension storage through the browser.

If a local backend is optional, users may also stop using that backend by turning off the feature or stopping the local service.

7. Security

We take reasonable steps to reduce unnecessary data collection and to favor local processing where possible. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Users should avoid submitting highly sensitive information unless required for a specific security feature they intentionally enable.

8. Children's Privacy

CyberShield Security is not directed to children under 13, and we do not knowingly collect personal information from children.

9. International Users

If you use the extension outside your home country, your information may be processed in other jurisdictions depending on the services you use, including third-party threat intelligence services or any hosted backend you configure.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date above and publish the revised version through our website, support page, or Chrome Web Store listing.

11. Contact

If you have questions about this Privacy Policy or the extension’s data practices, contact:

  • [YOUR NAME / COMPANY NAME]
  • [SUPPORT EMAIL]
  • [WEBSITE / SUPPORT URL]

Chrome Web Store Disclosure Notes

Based on the current code, your Chrome Web Store data disclosure will likely need to mention:

  • Personally identifiable information: email addresses, if breach monitoring is enabled.
  • Web history / browsing activity: URLs and pages analyzed for security.
  • User activity or website content: page text, prompt text, or pasted text analyzed for protection features.
  • Files and docs: download metadata and scanned file-related information if download or file scanning is enabled.

You should only claim:

  • Data is used for security functionality.
  • Data is not sold.
  • Data is not used for advertising.
  • Data handling depends on enabled features and local or backend configuration.