QA
QA Toolkit
Privacy Policy
Chrome Extension · MV3

Privacy Policy

Effective: May 20, 2026  ·  Last updated: June 2, 2026
No data collected Nothing is gathered, stored externally, or transmitted
Local only All preferences stay on your device
No external servers The extension makes no outbound network requests
No third parties No analytics, ads, or data-sharing services
01

Overview

QA Toolkit is a browser-based developer and QA tool. All features run entirely within your browser — no data ever leaves your device.

Visual inspection — CSS Inspector, Pixel Ruler, Color Picker, and iFrame overlay inject UI overlays into the active page. They do not read or transmit page content.

Network inspection — the Redirect Checker observes navigation requests for the active tab (URLs and HTTP status codes) in memory to display the redirect chain. The Mock Server can intercept fetch and XMLHttpRequest calls, return configured mock responses, and optionally log real network requests temporarily in memory while the popup is open. This log is never stored persistently and is never transmitted.

Header modification — the User Agent Switcher overrides the User-Agent request header for the current tab only, using a session rule that is automatically removed when Chrome closes.

Content inspection — the OG Inspector and JSON Formatter read the active tab's content to display or format it. No data is transmitted externally.

Image generation — the Lorem img tool generates placeholder test images entirely within your browser using the Canvas API. All rendering is local; no image data is sent to any server. Generated images are either downloaded to your device or copied to the clipboard — both actions are user-initiated and local-only.

No personal information is collected, transmitted, or shared with any external party under any circumstances.

02

Data We Do Not Collect

The extension does not collect, store externally, transmit, or sell any of the following:

  • Browsing history or page content
  • Form inputs, passwords, or credentials
  • Cookies or session tokens
  • Personally identifiable information
  • Location data or device identifiers
  • Usage analytics or telemetry of any kind
03

Local Storage

The extension uses the Chrome storage.sync and storage.local APIs to save your preferences on your device. This includes:

  • Enabled/disabled state and display order for each plugin
  • Selected interface language
  • JSON Formatter theme selection and active state
  • Mock Server rules you have configured and the last Response Body textarea height
  • Color Picker history
  • User Agent overrides
  • Lorem Ipsum preferences (text type, character count, paragraph count)
  • Lorem img preferences (image size, background style, colors, label, format, quality, EXIF orientation)
  • Last selected country and last generated synthetic record in the User Data Generator (randomly generated test data — not real personal information)

Preferences stored in storage.sync may be synced across your own devices by Chrome if you have Chrome Sync enabled. This sync is handled entirely by Google's Chrome infrastructure — the extension itself does not transmit any data.

The User Data Generator produces entirely synthetic, randomly generated test data (names, addresses, phone numbers, emails). It does not collect, read, or store any real personal information from you or from visited pages.

The Mock Server network log (URLs, HTTP methods, status codes, and response bodies) is held only in the popup's JavaScript memory while the popup is open. It is not written to chrome.storage and is discarded when the popup closes.

You can clear all stored preferences at any time via the Reset All Settings button in the extension's Settings page, or by removing the extension from Chrome.

04

Permissions Explained

Each permission exists for a specific, minimal purpose:

activeTab
Grants temporary access to the current tab when you interact with the extension. Used to apply visual tools to the active page.
scripting
Allows injecting CSS/JS overlays into pages. No injected code reads or exfiltrates page content.
storage
Used exclusively to save your local preferences. All data stays on your device.
webRequest
Used by the Redirect Checker to observe main-frame navigation in real time, recording each hop's URL and status code in memory. No data is transmitted externally.
declarativeNetRequest
Enables rule-based modification of page resources. All rules are applied locally and defined by you.
tabs + <all_urls>
Required to detect the active tab, inject content scripts, and apply tools across all sites. Tab URLs are processed in memory only — never stored persistently or transmitted.
05

Third Parties

This extension does not integrate with any third-party analytics, advertising, or data-processing services. No data is shared with or sold to any third party under any circumstances.

06

Children's Privacy

This extension does not knowingly collect any data from anyone, including children under 13. Because no data is collected at all, COPPA obligations do not apply in practice.

07

Changes to This Policy

If the extension is updated in a way that changes data handling practices, this policy will be updated accordingly and a new effective date will be set. Continued use of the extension after such changes constitutes acceptance of the revised policy.

08

Contact

Questions about this privacy policy or the extension's data practices? Reach out at qa.toolkit.extension@gmail.com