PromptShield privacy policy
Summary
PromptShield checks prompts for secrets and sensitive information before they are sent to supported AI chat websites. Prompt checks run locally inside your browser. PromptShield does not upload prompt text to KM Innovations or any external analysis service.
Data processed
PromptShield temporarily reads the text entered in a supported AI chat prompt field to detect API keys, tokens, secret assignments, personal information, internal URLs, and user-defined watchwords. This processing occurs on-device and only to provide prompt-safety warnings, blocking, and redaction.
Because prompts may contain sensitive material, the extension can locally process authentication information, personally identifiable information, personal communications, and website content. PromptShield does not collect, transmit, sell, rent, or share this content.
Storage and retention
PromptShield uses chrome.storage.local to retain extension settings and
basic counters on the user's device.
- Protection, strict-mode, and detection-category preferences
- Custom domains and watchwords entered by the user
- Paused-site preferences
- Local scan, warning, block, and redaction counters
PromptShield does not store prompt history. Local extension data can be removed by clearing the extension's data or uninstalling PromptShield.
Network activity and remote code
- No prompt text is uploaded for analysis
- No backend service or external AI API is used
- No extension telemetry or analytics events are sent
- PromptShield does not use remote code
- All executable extension code is included in the installed package
Permissions
The storage permission is used for local settings and counters. Access to supported AI chat websites is required to identify their prompt fields, inspect prompt text locally, show warnings, and intercept risky send actions. PromptShield does not access unsupported websites.
Supported services currently include ChatGPT, Claude, Gemini, Grok, Perplexity, and Microsoft Copilot.
Data use commitments
- User data is not sold or transferred to third parties
- User data is not used for purposes unrelated to prompt protection
- User data is not used to determine creditworthiness or for lending
The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
Policy webpage
This public policy page is hosted on the KM Innovations website, which uses Vercel Web Analytics for aggregate website usage and performance measurement. That website analytics implementation is separate from the PromptShield extension; the extension itself sends no analytics or telemetry.
Contact
Questions about PromptShield privacy can be sent to kminnovations.contact@gmail.com.