PassStore Extension — Privacy Policy

No cloud. No accounts. No tracking. Your credentials never leave your local Wi-Fi network. All communication is AES-encrypted end-to-end.

Data Collection

We do not collect, transmit, or store any personal data on external servers.

The extension does not:

The extension stores the following data locally on your device using the browser's built-in storage API:

Data	Purpose	Retention
Device IP & port	Reconnect to your phone on your LAN	Until disconnect
Pairing credentials	Re-establish sessions after network interruptions	Until disconnect
Connection timestamp	Enforce session expiry (1 hour max)	Until disconnect

All locally stored data is cleared when you disconnect or uninstall the extension.

Communicates only with the PassStore app on your phone over your local Wi-Fi network (LAN)
All messages are AES-encrypted with a key established during QR or code pairing
No data is sent to the internet — zero outbound requests to external servers

Permission	Why it's needed
`activeTab`	Detect password fields on the current page to offer autofill
`storage`	Save connection details locally so you don't re-pair every time
`<all_urls>`	Detect login forms on any website and establish a local WebSocket connection to your phone

Credentials are fetched from the PassStore mobile app on demand when you interact with a login form
Each request requires explicit approval on your phone (unless you've temporarily trusted the device for that domain)
Credentials are held in memory only for the autofill action and are never written to disk

This extension uses no third-party services, SDKs, analytics, or telemetry of any kind.

This extension does not knowingly collect information from children under 13.

Updates to this policy will be posted on this page. Continued use of the extension after changes constitutes acceptance.