Privacy Policy

This Privacy Policy describes how the Power User - Sentinel Audit Bot ("Extension," "we," "us," or "our") handles data when you utilize our automated accessibility (A11y) and structural web audit extension. We are strictly committed to maximizing user and developer data privacy by minimizing data collection and adhering to localized production evaluation architectures.

Privacy Axiom: The Sentinel Engine performs web scanning locally within your client browser instance. Source code, Document Object Model (DOM) layouts, and scanned asset configurations never leave your machine during standard processing operations.

1. Data Minimization & Collection Safeguards

1.1 Customer & Account Identity Data

To provision premium features and billing tracking, we gather limited, explicitly provided credentials:

  • Authentication Profiles: Email address, unique customer identifiers, and basic authentication metadata managed via securely hashed third-party platforms (e.g., Firebase Authentication).
  • Transaction Ledgers: Transaction records, subscription states, and invoice IDs.

1.2 Payment Processing (PayPal)

Our payment processing is facilitated by PayPal. When you purchase a Premium Tier subscription, PayPal processes the transaction securely.

PayPal shares limited transaction confirmation data with us to enable and manage your Premium Tier subscription, including your email address and subscription status. We do not receive, store, or have access to your raw financial information, credit card numbers, or bank account details. All payment-related data handling is governed by PayPal's Privacy Statement.

1.3 Technical & Operational Analytics

To enhance performance optimization and debug structural application crashes, the Extension may transmit telemetry tracking logs. This is strictly non-identifiable and covers window performance, extension panel response metrics, and error stack traces decoupled from your identity profile.

2. Processing of Audited Code and Data

The Extension’s core competency relies on inspecting DOM trees to assess accessibility milestones:

  • No Code Exfiltration: Local HTML nodes, attribute layouts, text combinations, and asset paths are evaluated strictly inside the local production script memory context.
  • Evaluation Dump Files: Spreadsheets and automated reports compiled by the Extension are rendered within the client browser and written directly to your local file path. No data is routed to cloud storage unless explicitly requested by you.

3. Regulatory Adherence

GDPR / CCPA Harmonization: Because processing remains entirely decentralized, we act as a Data Processor. Users retain full access to modify, export, or permanently drop identity profiles via their management dashboard.