The short version
- Permission Patrol does not collect, transmit, or share any personal data
- All data is stored locally on your device using
chrome.storage.localandchrome.storage.sync - Permission scanning, cookie classification, and tracker detection all run entirely on-device
- No account, email address, or personal information is ever required
- Uninstalling the extension permanently deletes all stored data
1. Who we are
Permission Patrol is a Chrome and Edge browser extension developed and maintained by Anish Monci Varghese as an independent project under Cheppulabs. It is distributed through the Google Chrome Web Store and the Microsoft Edge Add-ons store.
For questions about this policy, contact: chromeextensions@anishmoncivarghese.com
2. What data the extension stores
Permission Patrol stores the following data locally on your device only, using the browser's built-in storage APIs. This data never leaves your device and is never transmitted to any server.
Permission scan results — For each tab you visit, the extension temporarily stores:
- Browser permission states (camera, microphone, location, notifications, etc.)
- Active media streams (camera/microphone in use)
- Third-party iframe domains detected on the page
- Known tracker domains detected on the page
These results exist only while the tab is open and are deleted when the tab is closed or the extension is restarted.
Permission history — When a permission state changes (e.g. you grant camera access), the extension logs:
- The domain name
- The permission that changed
- The old and new state
- A timestamp
History entries are stored locally and can be cleared at any time from the side panel.
Tracker sightings — The Tracker Map stores:
- Tracker domain names (e.g.
google-analytics.com) - Which sites each tracker was detected on
- First-seen and last-seen timestamps
Tracker data is stored locally with a cap of 200 trackers (oldest are pruned). You can clear all tracker data from the panel.
User settings — Your preferences are stored using chrome.storage.sync:
- Cookie Auto-Decline on/off
- Optional permission grants (webRequest, cookies)
3. What data the extension does NOT collect
- No personal identification information (name, email, phone number)
- No browsing history sent to any server
- No analytics or usage telemetry
- No crash reports sent externally
- No advertising identifiers
- No page content (the extension never reads what's on a page, only its metadata)
- No cookie values (the Cookie Inspector reads cookie names, domains, and flags — never the cookie values themselves for tracking purposes)
4. How permission scanning works
Permission Patrol uses two browser APIs to detect permission states:
chrome.contentSettings— reads site-level permission settings (camera, microphone, location, cookies, popups, JavaScript) for the current domainnavigator.permissions.query()— a content script queries the browser's Permissions API for real-time permission states and listens for changes via theonchangeevent
Both APIs are provided by the browser itself and operate entirely locally. No network requests are made to detect permissions.
5. How Cookie Auto-Decline works
When enabled, a content script runs on each page and looks for cookie consent banners from 18 known Consent Management Platforms (OneTrust, CookieBot, Quantcast, Didomi, and others). When a banner is detected, the script automatically clicks the "Reject All" or "Decline" button.
This feature does not block cookies. It dismisses consent banners to reject optional (analytics/advertising) cookies. Essential cookies that sites need to function are not affected.
The feature is off by default and can be toggled at any time from the side panel.
6. How the Cookie Inspector works
When you grant the optional cookies permission, the extension uses chrome.cookies.getAll() to read cookies set for the current domain. Each cookie is classified locally using a built-in database of 40+ known cookie patterns (Google Analytics, Facebook Pixel, etc.) into categories: analytics, advertising, functional, session, or social.
Cookie data is read on-demand when you open the Cookie Inspector view and is never stored persistently. Cookie values are displayed to you in the panel but are never transmitted anywhere.
7. Permissions used and why
| Permission | Why it's needed |
|---|---|
| activeTab | Read the current tab's URL and domain to display permission information in the side panel. |
| tabs | Detect tab switches and navigation events so the panel updates when you change tabs. |
| contentSettings | Read and toggle site-level permissions (camera, microphone, location, cookies, popups, JavaScript) for the current domain. |
| sidePanel | Display the extension's dashboard as a browser side panel. |
| storage | Save permission history, tracker sightings, and user settings locally on your device. |
| webNavigation | Detect page navigations (including single-page app transitions) to trigger permission re-scans. |
| webRequest (optional) | Detect third-party cookie requests in network traffic. Only requested when you enable cookie tracking features. |
| cookies (optional) | Read cookies set by the current site for the Cookie Inspector view. Only requested when you open the Cookie Inspector. |
| <all_urls> (host permission) | Required so the content script can run on any website to detect permissions, trackers, third-party iframes, and cookie consent banners. The extension never reads page content — only metadata (scripts, iframes, cookie banners). |
8. Data sharing and third parties
Permission Patrol does not share any data with any third party — because no data ever leaves your device.
There is no analytics provider, no advertising network, no crash reporting service, and no backend infrastructure of any kind. The extension has no server-side component.
9. Data retention and deletion
Data is retained locally on your device until you delete it:
- Permission scan results: Deleted automatically when the tab is closed
- Permission history: Persists until you clear it from the side panel
- Tracker sightings: Persist until you clear the Tracker Map, with automatic pruning at 200 entries
- Settings: Persist until you change them or uninstall the extension
- All data: Permanently and completely deleted when the extension is uninstalled from your browser
10. Children's privacy
Permission Patrol does not knowingly collect any personal information from anyone, including children under the age of 13. Because no personal data is collected, transmitted, or stored with any identifying information, the extension does not present specific risks to children's privacy. However, it is intended for general adult use as a productivity tool.
11. Changes to this policy
If this privacy policy changes materially — for example, if a future version of the extension adds any form of data collection — the updated policy will be posted at this URL with a revised "Last updated" date, and the change will be noted in the Chrome Web Store and Edge Add-ons release notes.
We will never introduce remote data collection without updating this policy and providing clear disclosure in the extension update notes.
12. Your rights
Because Permission Patrol does not collect or store any personal data on external servers, there is no personal data held by us to access, correct, export, or delete. All data exists solely on your own device under your own control.
To delete your data: open the side panel, clear Permission History, clear the Tracker Map, or simply uninstall the extension.
13. Contact
If you have any questions about this privacy policy or the extension's data practices, please contact:
Permission Patrol — Anish Monci Varghese
Email: chromeextensions@anishmoncivarghese.com