Browser Extension Privacy

Privacy and data handling for NeutralAI Interceptor

This page is the canonical privacy policy target for NeutralAI browser store listings. It covers how the extension signs users in, accesses supported AI web apps, performs masking, and sends metadata-only telemetry.

What the extension accesses

NeutralAI Interceptor only operates on supported AI web apps. It watches user-entered prompt fields on supported hosts so it can mask sensitive data before a prompt is submitted.

The extension stores user settings such as shield status, stealth mode, zero-retention mode, auth gate state, managed policy overrides, and a retry buffer for telemetry events inside browser-managed extension storage.

Self-serve users authenticate through https://app.neutralai.co.uk. Managed enterprise deployments can provide centrally controlled policy values instead of requiring each user to complete popup sign-in.

Network calls and purpose

Sign-in and session checks

https://app.neutralai.co.uk/auth/signin and https://app.neutralai.co.uk/api/auth/session

Extension auth context

https://app.neutralai.co.uk/api/extension/auth-context

Masking API

https://api.neutralai.co.uk/v1/shield/mask

Remote config

https://api.neutralai.co.uk/api/v1/extension/config

Extension telemetry

https://api.neutralai.co.uk/api/v1/extension/telemetry

Telemetry and retention

Telemetry is metadata-only. Prompt or message bodies are not intended to be stored as telemetry, and sensitive keys such as prompt, content, message, body, and token or secret fields are dropped or redacted before persistence.

Extension telemetry flows to https://api.neutralai.co.uk/api/v1/extension/telemetry and follows the redaction contract documented in OBS-009 Extension Telemetry Contract and Redaction Rules.

Telemetry can be disabled by policy or configuration, and a zero-retention masking mode is available for flows that should avoid remote masking requests.

Open browser extension supportReturn to install guideView PII benchmarkOpen developer portal