SecureFill Privacy Policy

SecureFill is a browser extension that fills form fields from a referenced source while keeping the actual field values out of the calling assistant's context. An assistant requests a fill by passing a single opaque reference; the extension resolves the values itself, writes them into the page, and returns only a status. This Policy explains what data the extension stores, what it transmits, and what it never does.

The extension stores the following on your device only, via the browser's extension storage:

Connection credential: set during pairing, used to authenticate to your configured backend.

Optional encrypted source: an encrypted blob set during pairing, used only by the client-held resolution mode.

Local configuration: a local connection id and related settings.

Nothing is stored on any SecureFill-operated server. The extension has no analytics and no third-party trackers.

When asked to fill, the extension sends the supplied reference and its stored credential to your own configured backend over HTTPS, and receives the field values (or a one-time key to decrypt the locally stored encrypted source). Values are written into the current page and then cleared from memory.

The extension transmits data only to your configured backend. It never sends data to any other destination.

It does not sell or share user data.

It does not transmit field values to the assistant or to any third party.

It does not collect browsing history or analytics.

storage — keep the pairing credential and configuration on the device.

webNavigation — find the active tab's frames so values reach the correct field, including inside embedded frames.

host access to the configured backend — fetch referenced values or one-time keys.

content scripts on web pages — fill fields on the page in use.

For privacy questions, contact the operator of the configured backend, or email privacy@creditclaw.com.