Privacy policy.
Redactopia scans prompt text locally in the browser to check for common sensitive data patterns. Prompt text is not sent to Redactopia, not stored, and not shared with any third party.
This page explains what the extension does and does not collect, the permissions it requests and why, and what gets stored. If anything here is unclear, write to support@redactopia.com.
Local pattern matching, before the send.
Redactopia is a browser extension that monitors the prompt input on supported AI chat websites. Before a prompt is submitted, it is scanned locally using pattern matching to check for common sensitive data such as email addresses, API keys, passwords, and similar content.
When a potential issue is found, a warning is shown. The user can choose to review the prompt, redact flagged content, or send the message anyway. All of this happens in the browser.
Five AI sites by default. Any site by explicit grant.
The AI-chat protection content script is gated by host permissions in the extension manifest. It runs automatically only on the following domains:
| Site | Domain |
|---|---|
| ChatGPT | chatgpt.com |
| Claude | claude.ai |
| Gemini | gemini.google.com |
| Perplexity | perplexity.ai |
| Poe | poe.com |
The Manual Blur Tool is an opt-in feature that lets you redact content on any site. It never activates automatically. When you click the blur button on a site the extension hasn't seen before, the browser shows a permission prompt for that one site. You can revoke access at any time; disabling the tool removes all grants and clears all stored blur records.
Microsoft Copilot is not on the supported list. Extension content scripts cannot run on copilot.microsoft.com in Edge, so detection cannot operate there. The Copilot adapter is preserved in source for a possible future Chrome build.
Redactopia does not collect any data.
| Data type | Collected | Notes |
|---|---|---|
| Prompt text | No | Scanned locally in the browser only |
| Detected patterns / findings | No | Evaluated in memory only; not persisted |
| Redacted text | No | Replacement happens in the browser only |
| Personal information | No | No name, email, account, or device identifier is collected |
| Usage analytics | No | No telemetry endpoint, no event tracking |
| Browsing history | No | Pages visited outside the five supported sites are never seen by the extension |
| Clipboard contents | No | See Clipboard use below |
Settings and blur metadata. Nothing else.
All data is stored locally in chrome.storage.local on your device only — never synced to a server or to browser sync. The extension uses the following storage keys:
redactopia_settings— toggle states (booleans): whether protection is enabled, per-site settings, per-category detection settings, whether the Manual Blur Tool is enabledredactopia_custom_patterns— user-created detection rules: each stores a display name, the regex source the user typed, a severity level, and an enabled flag. Populated only by explicit user action in Settings.redactopia_auto_detect_prefs— which detection categories the Manual Blur Tool's auto-detect button checks (booleans per category)redactopia_manual_blurs— blur overlay records for the Manual Blur Tool, stored per page URL. Element and area blurs store a CSS selector and pixel bounds. Text-selection blurs additionally store the selected text and a few surrounding characters — required to re-locate and re-apply the blur after a page reload. This text is stored locally on your device only and is never transmitted anywhere.redactopia_blur_clickthrough— one boolean preference for the blur dock click-through toggle
Prompt text, findings, detected values, and redacted text are never stored. A transient handoff value (pendingRedactorText) is written to chrome.storage.session when the user clicks "Open in Redactor" — it is read once and immediately cleared.
Write-only fallback. Never read.
The clipboardWrite permission is used only as a fallback. When the user clicks Redact, Redactopia attempts to replace flagged text directly in the prompt input. If that replacement fails, Redactopia can copy the redacted version to the clipboard so the user can paste it manually. The user is shown a visible message when this fallback is used.
Redactopia does not read clipboard contents. The clipboardRead permission is not requested.
Zero network requests.
Redactopia makes no network requests of any kind. Fonts are bundled with the extension and loaded from the extension package itself — no external font service is contacted. There is no backend, no analytics service, no telemetry endpoint, and no remote logging.
No third-party connections. No SDKs. No tracking.
Redactopia makes no third-party connections of any kind. There are no third-party analytics libraries, error-reporting SDKs, advertising scripts, or data brokers included in the extension. The CSP enforces this: default-src 'none' blocks any connection not explicitly allowed, and the only explicitly allowed sources are the extension's own package files.
Six declared. Eight refused.
| Permission | Reason |
|---|---|
storage | Store user settings and Manual Blur Tool records in local browser storage |
clipboardWrite | Copy redacted text to clipboard as a fallback only — never reads the clipboard |
sidePanel | Open the Redactor side panel in response to user action |
tabs | Query open tabs to populate the "Send to Site" dropdown and to clean up blur overlays when the Manual Blur Tool is disabled |
scripting | Inject the Manual Blur Tool dock into the active tab when the user requests it; register per-site auto-restore scripts for sites the user has granted access to |
activeTab | Read the current tab's URL to determine whether the Manual Blur Tool needs a new permission grant |
| Host permissions (AI sites) | Run the AI-chat protection content script on the five supported sites — declared in the manifest, no prompt shown at install |
| Per-site optional permissions | When the user activates the Manual Blur Tool on a new site, the browser shows a native permission prompt for that one origin (e.g. https://example.com/*). These grants are revocable and are removed when the tool is disabled. |
Permissions explicitly not requested. Redactopia does not ask the browser for any of these:
- <all_urls> (direct grant)
- clipboardRead
- webNavigation
- webRequest
- cookies
- history
- identity
- notifications
Note on <all_urls>: it is declared in the manifest as the scope from which individual site origins can be requested — the extension never requests it as a blanket grant. Each site requires a separate user-approved prompt.
Pattern-matching, not understanding.
Detection is pattern-based and may be incomplete. Redactopia may not detect all sensitive content and may occasionally flag content that is not sensitive. Users should review prompts before sending and should not rely on Redactopia as a guarantee of privacy or security.