Extension privacy policy

How the Avoid AI Writing browser extension handles your data.

The short version

The extension scans your text locally inside your browser. It does not transmit, log, or store the text you type on any server. No account. No analytics that see your content.

Your text only leaves your browser when you explicitly click the "Run a deep audit & rewrite the text" button. That opens the web app (avoidaiwriting.com) with your text handed off to it so you can pay for a full Claude-powered audit. The handoff is always opt-in and shown with a consent line.

What the extension does locally

  • Pattern detection. When you click the scan button, the extension runs about 36 categories of regular expressions against the text in the focused text field. This happens entirely in your browser's JavaScript engine.
  • Score and highlight rendering. Results are rendered inside a shadow-DOM panel next to the scanned field.
  • Per-tab badge. After a scan the extension icon shows the issue count for that tab. Each tab tracks its own count; switching tabs shows that tab's badge.

What the extension stores

Two storage areas are used, both scoped to the local browser profile:

  • chrome.storage.local holds the options-page preferences: whether the floating scan button is shown, and a per-user list of domains you've chosen to disable the extension on. These stay on this device and are not synced across Chrome profiles.
  • chrome.storage.session is used briefly to hand scanned text to the web app when you click the deep-audit button. The entry is written at click time and removed by the web app as soon as it reads the text. If the web app doesn't read it within 60 seconds, the entry is discarded. This area is cleared automatically when the browser session ends.

Beyond those two, nothing is stored. The scanned text itself is never persisted to disk. It lives in memory while the results panel is open, and is discarded when the panel closes.

What the extension sends over the network

Nothing, unless you explicitly click the deep-audit button inside the results panel. If you click that button:

  • The extension writes your scanned text intochrome.storage.session (local to this browser) and opens a new tab to avoidaiwriting.com/#deep-audit. Your text is not included in the URL. Chrome never transmits the storage.session entry across the network; it's read by the web app content script running in the new tab.
  • When the new tab loads, its React app asks the extension for the stashed text via postMessage scoped to the same origin. The extension reads fromchrome.storage.session, clears the entry, and replies to the page with the text. The web app fills its textarea and strips any URL hash so a later copy or share of the tab URL carries nothing.
  • If chrome.storage.session is unavailable (rare), the extension falls back to handing off text via URL fragment (#text=...). URL fragments are not sent to servers and don't appear in access logs or Refererheaders, but they do show up in browser history.
  • From there the deep-audit flow is identical to the web app's standard flow. You pick either a Solana burn payment or a credit pack, and after payment the web app sends your text to the Claude API through its own audit endpoint.

Permissions the extension requests

  • Host permissions on all URLs. Required so the scan button can appear on any text field you focus, regardless of the site. The manifest explicitly excludes a set of sensitive origins (banking, authentication pages, password managers, payment services) so the extension never injects there.
  • storage. Used for the options-page preferences and the short-lived deep-audit handoff described above.

What we don't do

  • No analytics or telemetry is collected about your usage.
  • No scanned text is ever sent to a third-party service.
  • No account or sign-in is required to use the extension.
  • No ads, no tracking pixels, no third-party scripts.
  • Your text is not used to train any model.

Changes to this policy

If this policy changes, the updated version will be posted at this URL. Material changes that affect how user data is handled will be reflected in the extension's manifest.json as a version bump.

Last updated: April 22, 2026.

Data controller

The Avoid AI Writing browser extension is published by Conor Bronsdon, operating as a self-employed trader. Conor Bronsdon is the data controller for any personal data the extension collects (which, as described above, is none beyond locally-stored preferences).

Mailing address:
5729 Littlerock Rd SW Ste 107 PMB 252
Tumwater, WA 98512-7386
United States

Contact email: support@fernwillowholdings.com

Contact

Questions about the extension's data practices: email support@fernwillowholdings.com, reach out via @avoidaiwriting on X, or post in Telegram.