threatlens-privacy-policy

ThreatLens Privacy Policy

Last updated: 2025-04-25

Introduction

ThreatLens is a browser extension that overlays live open-source threat intelligence on every webpage you visit. We respect your privacy and collect only the minimal data needed to provide our core functionality.

Data We Collect

1. API Keys
   • AbuseIPDB, Shodan, VirusTotal, ViewDNS.info API keys
   • Stored securely in your browser’s chrome.storage.sync.
2. Visited Domain/IP
   • We read the URL or resolved IP of the site you’re browsing to fetch OSINT data.
   • We do not record, store, or share your browsing history beyond the single domain/IP lookup.
3. Cached Lookup Results
   • Locally cached in chrome.storage.local:
     • IP lookups (5 min TTL)
     • Domain WHOIS (7 days TTL)
   • Caching improves speed and reduces API calls; no data leaves your browser unless you revisit a site.

Data We Do Not Collect

• Personal Identifiable Information (PII) such as your name, email, or address
• Health, financial, or location data of your device
• Page content, keystrokes, or any form of user behavior tracking

How We Use & Share Data

• All requests go directly from your browser to the OSINT APIs you’ve configured.
• We do not send any data to our own servers.
• We do not sell, rent, or transfer your data to third parties.

Security

• API keys are stored only in chrome.storage.sync (encrypted by the browser).
• No remote scripts or code are ever fetched—only data.