Extension privacy policy
What the Redactor browser extension does with your text, what stays on your device — everything, as far as we're concerned — and what it can't cover. Your prompts are processed locally and are none of our business, by architecture, not by promise.
Last updated: 6 July 2026 · Applies to the Redactor extension for Chrome and Chromium browsers
The short version
- Everything is processed locally. Your draft is scanned by the free Redactor app on your own machine, over a local pipe. It is never sent to ZERODOTFIVE or any other server of ours.
- Your prompt goes only where you were already sending it — to the AI site you're using (ChatGPT, Claude, or Gemini). The extension changes what's in the message, not where it goes, and adds no destinations of its own. What it can and can't scrub before the send is spelled out under “Honest limits” below.
- No analytics, no telemetry, no accounts, no cookies in the extension. It contains no tracking code and originates no network requests of its own.
- Redaction maps live in memory only, per tab, and die with the tab. The extension writes none of your text to disk — ever.
- It requires the free Redactor app for macOS running on your Mac — the app is the engine; the extension is the hands.
What the extension does
The extension has one job: detect and redact secrets, credentials, and personal data (PII) in text you're about to send to a supported AI chat site — chatgpt.com, chat.openai.com, claude.ai, and gemini.google.com. It has no access to any other website.
- Scrub on send. When you hit Enter or click send, your draft is scanned by the Redactor app's local engine (the same one the macOS app ships — 245 secret rules and 20 PII rules) and matched values are replaced with tokens before the message goes out. A visible “N items scrubbed” chip with Undo shows exactly what changed.
- Restore on copy. When you copy a model reply that contains tokens, the real values are put back — locally, from the in-memory map for that tab.
- Blocked, not silent. If the Redactor app isn't reachable, the send is blocked and the extension tells you. Unscrubbed text leaves only if you explicitly click “Send anyway (unscrubbed)” — never silently.
What data it handles
To do its job, the extension reads text on the four supported sites. All of this processing happens on your device — but local processing is still data handling, so here it is, plainly:
Your draft text
The content of the compose box on the supported sites — which can include personal data, credentials, API keys, and private communications. That's the point: scanning that text for secrets is the product. It's read, scanned, rewritten with tokens, and not retained beyond the in-memory map described below.
While you type
An idle draft scan (after a short pause in typing) shows a badge count of detected items, and on ChatGPT and Claude a network-layer safety net scrubs matched request bodies that sites send while you compose. Same engine, same locality — nothing is stored or transmitted to us.
Copied replies
When you copy a model reply on a supported site, the extension checks it for redaction tokens so it can restore the original values from the tab's in-memory map. This happens only on the four supported sites.
Value-free counters
The extension reports how many items were scrubbed to the local Redactor app so the menu bar can show a running count. Each record is exactly two integers — counts only, never values, labels, or any of your text.
Where your text goes — and where it doesn't
- To the Redactor app on your Mac: your draft travels over Chrome's native-messaging pipe — a local stdio connection between the browser and an app process on the same computer. It never touches the network.
- To the AI site you're using: the scrubbed prompt, sent by the site's own page as it normally would be. The extension changes what's in the message, not where it goes.
- To us: nothing. ZERODOTFIVE operates no servers for the extension. It phones nothing home — no crash reports, no usage statistics, no identifiers. We couldn't look at your prompts if we wanted to; they never reach us.
Storage & retention
- Redaction maps (token → original value) are kept per tab, in extension memory only. They are never written to disk, never put in Chrome's extension storage, and never synced. Each map is bounded (500 entries / 256 KB per tab) and is deleted when you close the tab or navigate to a different site.
- Nothing else is stored. The extension keeps no history, no logs of your text, and no copies of your prompts. Uninstalling the extension removes everything it ever held.
- On the app side, the Redactor app keeps a value-free running count of browser redactions (numbers only). What the app itself does and doesn't store is covered on the Security & Transparency page.
Sharing, selling, and limited use
We do not sell, rent, trade, or transfer any user data to anyone — full stop. Since the extension sends us nothing, there is nothing we could sell. We do not use data from the extension for advertising, creditworthiness, lending, or any purpose beyond the single purpose described on this page.
The extension's use and transfer of information complies with the Chrome Web Store User Data Policy, including the Limited Use requirements: data is used only to provide the single, user-facing feature described here, and is never transferred to third parties, used for advertising, or read by humans.
The companion app is required
The extension does not work on its own. It needs the free Redactor app for macOS installed and running — the app hosts the detection engine and the native-messaging endpoint. Without it, the extension shows “Install/launch Redactor.app” in its popup and blocks sends on supported sites rather than pretending to protect you.
Honest limits
Redactor is a seatbelt, not a guarantee. So that this page never oversells:
- File and image uploads are not scanned. The engine is text-only. A file or screenshot you attach to a chat goes out exactly as-is.
- Typing-phase and network coverage is best-effort and fails open by design — it will never break your send, which also means a partially typed secret can reach the site in a background request before the engine can catch it.
- Gemini has no network-layer safety net — on
gemini.google.comonly the on-page layer applies. - Detection is rule-based (245 secret + 20 PII rules), deterministic and best-effort — not a guarantee that every secret is caught.
- Restore is tab-scoped and volatile. Close the tab and the map is gone — by design. If a map is ever lost, the extension says so instead of failing silently.
Your choices & your rights
- Turn it off any time: disable or remove the extension at
chrome://extensions. Removal deletes everything it held; closing a tab wipes that tab's map immediately. - GDPR: processing happens on your device, under your control; ZERODOTFIVE receives no personal data from the extension, so there is no extension data on our side to access, correct, export, or delete. If you email us, the handling described in our website Datenschutzerklärung applies, including your rights under Art. 15–21 GDPR and your right to complain to a supervisory authority (for us: the Hamburg data protection authority, HmbBfDI).
- Questions or concerns: email kontakt@zerodotfive.com. Security issues: see how to report a vulnerability.
Who is responsible
Managing director: Ayoub Umoru
Koederheide 2, 22149 Hamburg, Germany
Registered: Amtsgericht Hamburg, HRB 187078
E-mail: kontakt@zerodotfive.com · Impressum