VertaaUX Inspect — Privacy Policy

This page is the Chrome Web Store privacy disclosure for the VertaaUX Inspect browser extension. It is a product-specific extension of our general privacy policy and describes exactly what data the extension accesses, what it transmits, and what it never touches.

Single purpose

VertaaUX Inspect has one purpose: auditing the active web page you are viewing for usability, accessibility, and conversion issues, and presenting the results in the Chrome side panel and an on-page overlay.

What the extension can see

The extension uses the following Chrome permissions:

• activeTab + scripting — to inject a content script into the tab you explicitly invoke a scan on. The content script reads the rendered DOM, computed styles, images, and headings of that page so the audit engine can evaluate accessibility and UX heuristics.
• <all_urls>— required so you can run an audit on any website you choose. We never read or enumerate tabs you haven’t explicitly scanned.
• storage— to persist your settings locally in Chrome’s chrome.storage.sync: optional API key, theme preference, confidence threshold, highlight color, and focus dim strength. No content or audit results are stored in chrome.storage.
• sidePanel — to render the audit results panel. Data shown in the panel lives only in memory for the current session.

What data leaves your browser

When you click “Scan Page”, the extension sends to VertaaUX servers only:

• The URL of the page being audited
• The HTML of the page (so our analyzers can evaluate it server-side)
• Your API key header, if you have configured one
• A generated audit job ID used to poll for results

We do not transmit: browsing history, cookies, local storage, form field values, passwords, credit card data, content from tabs you did not explicitly scan, keystrokes, mouse movements, or any identifier other than (optionally) your API key.

What we never touch

• We never read DOM content from a tab unless you click Scan on that tab.
• We never scan pages served from chrome://, the Chrome Web Store, or other restricted origins (Chrome prevents this).
• We never inject code into tabs we haven’t been asked to audit.
• We never store page content in Chrome’s sync storage.
• We do not use cookies in the extension surfaces.

How audit data is used server-side

Page HTML received by our audit engine is processed to produce the issue list and scores returned to the extension. If you are not signed in, the audit runs in demo modewith results retained for 24 hours and then purged. If you are signed in with an API key, the audit is associated with your account and retained per your plan’s retention policy (see your dashboard).

Telemetry and analytics

The extension includes optional anonymous usage telemetry (scan counts, feature usage, error rates) used to improve the product. It is off by default. You can review or toggle this under Settings → Share anonymous usage data in the extension options page. No personal data, page URL, or page content is included in telemetry events.

Third parties and sub-processors

Audit content sent to VertaaUX may be processed by the AI sub-processors listed in our main privacy policy (Anthropic, OpenAI) under strict data-processing agreements that prohibit training on customer content. No third-party advertising, analytics, or tracking SDKs run in the extension itself.

Your rights

You can remove all local data by uninstalling the extension (Chrome automatically clears its storage.sync entries). To delete server-side audit history associated with your account, contact privacy@vertaaux.ai. Full GDPR/CCPA rights details are in our main privacy policy.

Changes

Material changes to this extension privacy policy will be reflected in the “Last updated” date above and announced in the extension release notes on the Chrome Web Store.

Contact

Questions about the extension’s privacy practices: privacy@vertaaux.ai. Data controller: Digitaltableteur Tmi, trading as VertaaUX, Finland.