Autofill Browser Privacy Policy

Effective date: May 23, 2026

Purpose

Autofill Browser helps users fill repetitive web forms from a profile and vault they control. The extension uses user data only to provide autofill, settings sync, domain controls, activity logs, and encrypted Secure Vault recovery.

Data We Process

• Profile data, such as name, email address, phone number, organization, postal code, and address fields.
• Autofill settings, domain allow/block preferences, and remote autofill safety rules.
• Google sign-in account identifiers used for sync, such as Google subject ID, email address, display name, and picture URL.
• Autofill event data, such as hostname, URL, field signature, profile key, event type, timestamps, and field values when logging is enabled by the extension behavior.
• Secure Vault data for reusable sensitive form values, such as bank branch or account details, stored as client-encrypted vault records.

Data We Do Not Intentionally Store

The extension is designed not to save or autofill passwords, one-time codes, verification codes, captchas, CVV/CVC values, or equivalent authentication secrets.

Storage and Security

Cloud sync is handled by a Cloudflare Worker and Cloudflare D1. Profile, settings, domain controls, and event logs are transmitted over HTTPS and encrypted by the service before being stored. Secure Vault values are encrypted on the client before sync. The raw Vault Key is not sent to the Worker or stored in D1.

Sharing and Sale

We do not sell user data. We do not transfer user data for purposes unrelated to Autofill Browser's single purpose, and we do not use user data for creditworthiness or lending decisions.

User Control

Users can edit or remove profile and vault data in the extension, disable autofill for domains, clear Chrome extension storage, or uninstall the extension. Removing synced data from the cloud may require contacting the developer through the Chrome Web Store listing support channel.