Privacy Policy
- Last updated:
- June 16, 2026
- Extension:
- site-lock (browser extension for Chrome and compatible browsers)
- Contact:
- gtchakama@gmail.com
Overview
site-lock (“the Extension”) helps you block or password-protect websites you choose. This policy explains what information the Extension accesses, how it is stored, and your choices.
The Extension is designed to work entirely on your device. The developer does not operate servers that collect your browsing activity or passwords.
Information the Extension accesses
| Data | Why | Where it is stored |
|---|---|---|
| Website URLs / hostnames | Match your protection rules when you visit a site | Processed in memory; matching domains may be written to the activity log |
| Page titles & favicons (Quick Lock only) | Show open tabs so you can select sites to lock | Processed locally; not uploaded |
| Protection rules (domains, modes, settings) | Core functionality | chrome.storage.sync (browser profile sync) |
| Master password | Unlock protected sites | Stored as a bcrypt hash only in chrome.storage.sync — never plain text |
| Activity log (blocked / unlocked / failed attempts) | Optional history in the extension UI | chrome.storage.local on your device |
| Temporary unlock sessions | Remember time-limited access after a correct password | chrome.storage.local |
| Theme, overlay branding, backup preferences | Appearance and optional auto-backup | chrome.storage.local |
| WebAuthn credential ID (optional) | Biometric gate for changing the master password | chrome.storage.local |
What we do not collect
- We do not collect passwords in plain text.
- We do not sell, rent, or share your data with advertisers or data brokers.
- We do not send your browsing history, page content, or rules to developer-operated servers.
- We do not use analytics or tracking SDKs in the Extension.
Sync and backups
- Chrome sync: If you are signed into Chrome, rules and your password hash may sync across your devices via Google’s sync infrastructure, subject to Google’s privacy policy.
- Backups: You may export or schedule local JSON backups (rules, logs, settings). Backups exclude the master password hash. Backup files are saved to your device only.
Permissions
The Extension requests browser permissions solely to provide its features (blocking, Quick Lock, context menu, scheduled backup). Permission justifications are available in the Chrome Web Store listing.
Fake error and loader screens
If you enable “fake loader” or “fake error” modes, the Extension displays user-configured loading or error-style screens on sites you have chosen to block. These are for personal productivity and self-imposed access control on your own browser.
Data retention and deletion
- Uninstall the Extension to remove locally stored data (chrome.storage.local).
- Synced data may remain in your Chrome profile until you remove it from sync storage or delete your Chrome profile data.
- You can clear the activity log and delete rules from within the Extension at any time.
Children
The Extension is not directed at children under 13, and we do not knowingly collect information from children.
Changes
We may update this policy. The “Last updated” date will change when we do. Continued use after changes constitutes acceptance of the updated policy.
Contact
Questions about this policy: gtchakama@gmail.com. You can also reach out to the developers in other ways.