๐ Privacy summary
QAKit does not collect, transmit, or sell any personal data. All data the extension reads (cookies, localStorage, page content, analytics events, screenshots) stays on your device, in your browser. Nothing is sent to any external server, including ours. The extension has no analytics, no telemetry, no remote logging, and no user accounts.
Overview
QAKit is a developer / QA toolkit that runs entirely inside your browser. It provides on-demand inspection, capture, and debugging features for web pages you choose to test. This privacy policy explains exactly what data the extension accesses, how it is used, and where it is stored.
Data accessed by the extension
QAKit needs read access to the page you have actively open in order to provide its features. Specifically, it may read the following:
| Feature | Data accessed | Why |
|---|---|---|
| Element Inspector / Spacing | DOM elements, computed CSS, test attributes | To display element info on hover |
| Page Audit | Page HTML, links, images, CSS, performance metrics | To run quality checks (broken links, a11y, perf) |
| Analytics | dataLayer, gtag, Adobe, Tealium, Segment events | To display analytics events fired by the page |
| Network Mock | Outgoing HTTP requests on the active tab | To match request URLs against your mock rules |
| Headers Modifier | HTTP request and response headers | To inject / modify headers per your rules |
| Cookie Manager | Cookies for the current domain | To list, edit, and delete cookies |
| Local Storage | localStorage keys for the current origin | To browse, edit, delete keys |
| Console Errors | JavaScript errors from page scripts | To display errors in the QAKit console panel |
| Screenshots | Visible page area or full-page rendered content | To produce the screenshot you requested |
| Geolocation Override | None (only writes a custom location) | To override the geolocation API for testing |
| Page Metadata | HTML <meta>, Open Graph, JSON-LD tags | To extract and display SEO metadata |
Where the data is stored
All data accessed or generated by QAKit is stored only on your device, using one of the following local browser mechanisms:
chrome.storage.localโ your QAKit settings, mock rules, header rules, environment markers, page audit history, and analytics search filters.- In-memory (page session) โ captured analytics events, console errors, screenshot data while editing.
- Your operating system clipboard โ only when you explicitly copy a screenshot or text via QAKit.
- Your downloads folder โ only when you explicitly save a screenshot or export data as a file.
QAKit never transmits any of this data to remote servers, ours or anyone else's.
Network requests made by the extension
QAKit's only outbound network requests, made on your behalf, are:
- HEAD requests to URLs on the page you audit โ when you run Page Audit, QAKit sends a HEAD request to each link on the page to check whether it returns a successful HTTP status (broken-link detection). These requests go directly from your browser to the destination URLs; QAKit does not relay them.
- That's it. No other outbound traffic. No telemetry. No analytics ping-back. No update check beyond what the Chrome Web Store itself does for all extensions.
Permissions explained
QAKit requests the following Chrome permissions. Each is used solely for the corresponding feature:
| Permission | Used for |
|---|---|
activeTab | Reading content of the currently active tab when you open the popup |
scripting | Injecting inspection / capture scripts into the active tab |
storage | Saving your settings and rules to chrome.storage.local |
tabs | Identifying the active tab and capturing its visible area for screenshots |
cookies | Listing / editing / deleting cookies via Cookie Manager |
debugger | Element / spacing inspection requires DevTools-level access for some metrics |
declarativeNetRequest / declarativeNetRequestWithHostAccess | Implementing Network Mock and Headers Modifier rules |
windows | Opening JSON Viewer / Text Compare / Help in new browser tabs |
contextMenus | Adding QAKit shortcuts to the right-click menu |
<all_urls> host permission | So the above features work on whichever site you are testing โ you control which sites in Settings โ Allowed Domains |
Children's privacy
QAKit is a developer/QA tool not directed at children under 13. We do not knowingly collect any data โ from anyone, of any age.
What QAKit does NOT do
- โ Does not transmit any browsing or page data to remote servers
- โ Does not include any analytics, telemetry, or usage tracking
- โ Does not use cookies, fingerprinting, or any other tracking technology
- โ Does not require user accounts, sign-in, or registration
- โ Does not sell or share any data with third parties โ there is no data to share
- โ Does not include advertising or sponsored content
- โ Does not modify pages without your explicit action (no auto-injection of changes)
Removing your data
To remove all data QAKit has stored, you can:
- Open QAKit Settings and click โบ Reset to Defaults to clear all settings, rules, and history
- Or remove the extension from
chrome://extensions/โ Chrome automatically clears all extension storage on uninstall
Changes to this policy
If this policy changes, the updated version will be included with the next QAKit release. The version date at the top of this document indicates when it was last revised. Substantive changes will be noted in the QAKit release notes / changelog.
Contact
Questions, concerns, or privacy-related feedback? Email qakit.extension@gmail.com