Back to KoraSafe privacy policy

KoraSafe Chrome Extension Privacy Policy

This policy explains how the KoraSafe Chrome Extension processes data when you use it to detect shadow AI activity, scan prompts for sensitive data, and apply organization governance policies in the browser.

1. Data processed locally

The extension evaluates supported AI chat pages in the browser to identify policy-relevant activity. Prompt text may be scanned locally for configured sensitive-data patterns such as email addresses, phone numbers, account identifiers, health identifiers, or custom organization rules.

Local scanning is used to show warnings, redactions, blocks, or policy notices before content is submitted to an AI service.

2. Data sent to KoraSafe

If you sign in with a KoraSafe organization account and enable cloud sync, the extension may send governance events to KoraSafe. Events can include page domain, event type, policy match labels, severity, timestamps, extension version, and other evidence needed for audit and governance review.

KoraSafe does not sell extension data. Raw prompt content is not sent as part of ordinary governance event reporting unless your organization explicitly configures a workflow that requires content capture.

3. Authentication and settings

The extension stores the API key in Chrome session storage so it is cleared when the browser session ends. Non-sensitive preferences, such as API URL and enabled state, may be stored using Chrome sync storage.

4. Permissions

The extension uses Chrome permissions to operate only on supported AI surfaces, refresh organization policy configuration, store local preferences, show the side panel, and observe supported AI API requests in read-only mode. The extension does not modify network requests.

5. Retention

Local session data is cleared by Chrome according to browser session behavior. Governance events sent to KoraSafe are retained according to your organization's KoraSafe retention settings and the main KoraSafe privacy policy.

6. Your choices

7. Contact

For privacy questions or requests, contact KoraSafe at Contact-us@korasafe.ai.

For the platform-wide policy, see KoraSafe Privacy Policy.

Last updated: June 17, 2026