🔒 Privacy Policy

EdgeRun.Ai Security Extension

Introduction

EdgeRun.Ai ("we," "our," or "us") is committed to protecting the privacy and security of our users. This Privacy Policy describes how the EdgeRun.Ai Security Extension ("Extension") collects, uses, stores, and protects information when you use our Chrome browser extension.

The EdgeRun.Ai Security Extension is a professional cybersecurity investigation tool designed for Security Operations Center (SOC) analysts, threat hunters, and security professionals. This Extension is intended for use within organizational security workflows and requires user authentication.

Summary of Data Practices

Data Type	Collected	Stored Locally	Transmitted	Purpose
Account credentials	Yes	Tokens only	Encrypted (HTTPS)	Authentication
Visited URLs	User-initiated only	Temporarily	To your organization's server	Investigation tracking
Page content	User-initiated only	No	To your organization's server	IOC detection
Engagement metrics	During active sessions only	Temporarily	To your organization's server	Investigation analytics
Browser information	Limited	No	Minimal	Extension functionality

Information We Collect

1. Account Information

When you create an account or log in to the Extension, we collect:

• Email address: Used for account identification and authentication
• Name: First and last name for account personalization
• Authentication tokens: Securely stored locally to maintain your session

2. Investigation Data (User-Initiated Collection Only)

The Extension collects the following data only when you explicitly start an investigation session:

URL and Page Data

• URLs of pages you visit during active investigation sessions
• Page titles and meta descriptions
• Page content for Indicator of Compromise (IOC) detection

Behavioral Analytics

When URL tracking is enabled during an investigation session, we collect:

• Dwell time: Time spent on each page
• Scroll activity: Number of scroll events
• Click activity: Number of click events
• Focus time: Time the page was actively focused
• Idle time: Time with no user activity
• Exit type: How you left the page (navigation, close, back button, etc.)

IOC Detection Data

The Extension automatically scans page content to detect potential Indicators of Compromise including:

• IP addresses (IPv4 and IPv6)
• Domain names
• URLs
• File hashes (MD5, SHA1, SHA256)
• Email addresses

3. Technical Information

We collect limited technical information necessary for Extension functionality:

• Browser user agent string
• Extension version
• Tab identifiers (for internal tracking purposes only)

4. Information We Do NOT Collect

How We Use Your Information

Primary Purposes

1. Authentication: To verify your identity and maintain secure sessions
2. Investigation Tracking: To record and organize URLs and IOCs relevant to your security investigations
3. Threat Intelligence: To detect and analyze potential security threats
4. Analytics: To provide engagement metrics that help assess investigation thoroughness
5. Session Management: To track active investigation sessions and ensure data is attributed correctly

We Do NOT Use Your Data For

• Advertising or marketing purposes
• Selling to third parties
• Behavioral profiling unrelated to security investigations
• Any purpose other than security investigation support

Data Storage and Transmission

Local Storage

The Extension uses Chrome's local storage API (chrome.storage.local) to store:

• Authentication tokens (access and refresh tokens)
• Session identifiers
• User preferences and settings
• Active investigation state

This data is stored locally on your device and is cleared when you log out.

Data Transmission

All data transmission occurs:

• Over HTTPS: All connections use TLS 1.2 or higher encryption
• To your organization's server: Data is sent to the backend server configured by your organization
• With authentication: All API requests include secure authentication tokens

Data Retention

• Local data: Cleared immediately upon logout
• Server-side data: Retained according to your organization's data retention policies
• Session data: Active investigation data is batched and submitted periodically (every 30 seconds) or upon session end

Permissions Explained

The Extension requires the following Chrome permissions:

Permission	Purpose	Data Access
storage	Store authentication tokens and settings locally	Local storage only
activeTab	Interact with the current tab for data capture	Current tab only, user-initiated
tabs	Monitor tab changes during investigations	Tab URL and title only
contextMenus	Provide right-click menu options	No data access
notifications	Display status notifications	No data access
webNavigation	Track page navigation during investigations	Navigation events only
scripting	Inject content scripts for IOC detection	Page content during active sessions
sidePanel	Display investigation results panel	No additional data access

Host Permissions

The Extension requires access to:

• Your organization's API server (e.g., https://api.yourdomain.com)
• All URLs (<all_urls>) for content script injection during IOC detection

User Rights and Controls

You Have the Right To

1. Control data collection: URL tracking only occurs when you explicitly start an investigation session
2. Stop tracking: End your investigation session at any time to stop all data collection
3. Clear local data: Log out to clear all locally stored data
4. Access your data: View all captured data through the investigation dashboard
5. Delete data: Request deletion of your data through your organization's data management policies

How to Control Your Data

• Start/Stop Tracking: Use the Extension popup to start or end investigation sessions
• View Captured Data: Access the Investigations page to see all collected data
• Logout: Click the logout button to clear all local authentication data
• Uninstall: Remove the Extension to stop all functionality

Data Sharing and Third Parties

We Share Data With

1. Your Organization: All investigation data is transmitted to your organization's backend server
2. Threat Intelligence Services: When configured, the Extension may query:
   • AlienVault OTX (for threat intelligence)
   • AbuseIPDB (for IP reputation)
   • WhoisXML API (for domain information)

We Do NOT Share Data With

• Advertising networks
• Data brokers
• Any unaffiliated third parties
• Any parties not explicitly configured by your organization

Security Measures

We implement industry-standard security measures including:

• Encryption in transit: All data transmitted via HTTPS/TLS
• Token-based authentication: JWT tokens with expiration and refresh mechanisms
• Multi-Factor Authentication (MFA): Optional TOTP-based MFA support
• Content Security Policy: Strict CSP implementation in the Extension
• Input validation: All user inputs are validated and sanitized
• Secure storage: Authentication tokens stored in Chrome's secure storage API

Children's Privacy

The EdgeRun.Ai Security Extension is a professional security tool and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Updating the "Last Updated" date at the top of this policy
• Providing notice through the Extension (for significant changes)

We encourage you to review this Privacy Policy periodically for any changes.

Compliance

This Extension is designed to comply with:

• Chrome Web Store Developer Program Policies
• General Data Protection Regulation (GDPR) principles
• California Consumer Privacy Act (CCPA) requirements

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Acknowledgment

By installing and using the EdgeRun.Ai Security Extension, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.