SparkVault Browser Extensions Package

Privacy Policy

SparkVault Secure Website Locker is designed with a strict privacy-first approach. All locked sites, site-specific passwords, master credentials, PINs, hints, unlock sessions, settings, and security key data are stored locally on your device only. The extension does not collect, transmit, sell, or share any data about your browsing activity or protected websites. Everything remains fully offline and under your control.

What data we do not collect

• We do not collect personal information such as names, emails, passwords, accounts, or profile data.
• We do not collect your browsing history, visited sites, page content, or behavioral activity.
• We do not collect or upload your locked sites list, master password hash, PIN hash, or security key file.
• We do not use analytics, tracking scripts, advertising identifiers, or any third-party data services.

Local-only operation

All operations—including website locking, domain/page matching, master password verification, PIN authentication, session tracking, security key recovery, and dashboard management—take place entirely inside your browser. No data is transmitted to external servers. Nothing leaves your device unless you manually export your vault or Security Key file.

Permissions

SparkVault Secure Website Locker uses the following permissions strictly to provide secure site-locking functionality:

• tabs — Used only to detect when protected sites are opened or closed, allowing temporary unlock sessions to expire when all tabs for a domain are closed. SparkVault never reads page content.
• storage — Used solely to save your locked sites, master credentials (hashed), PIN hash, settings, and unlock sessions locally on your device. Nothing is uploaded or synced.
• webNavigation — Required to intercept navigation and redirect locked URLs to the secure unlock screen before the page loads. SparkVault does not analyze webpage content or network data.
• <all_urls> — Needed to reliably detect access to any protected site across all domains. This permission is never used to track browsing or collect URL history.

These permissions are used only for secure local functionality and are never used to gather personal information or communicate with external servers of any kind.

Data visibility and control

You have full control over your vault at all times. You may edit, reset, or delete any locked site. You may export or import your vault manually. Uninstalling the extension deletes all locally stored data automatically, including your master credentials and locked sites list.

Optional future features

Future versions may introduce optional encrypted cloud backup or multi-device sync. Such features would require explicit user opt-in, secure authentication, and end-to-end encryption. No cloud features will ever activate automatically or without clear consent.

Security

All operations run inside your browser’s secure environment. Passwords, PINs, and security keys are stored only as cryptographic hashes. If optional cloud services are added in the future, they will use industry-standard encryption, zero-knowledge architecture, and hardened authentication methods.

Children’s privacy

SparkVault Secure Website Locker is not intended for children under 13. We do not knowingly collect or store any data from children. Any such data found will be removed immediately.

Policy changes

This policy may evolve as the extension expands. Any updates will appear on this page with a revised “Last updated” date. Major changes may be highlighted within the extension interface.

Contact

For privacy inquiries or support, contact: productivitymasterxultra@gmail.com .

Last updated: November 23, 2025