Privacy Policy

AdFlow Network Inspector Browser Extension

Last Updated: January 4, 2026

Overview

AdFlow Network Inspector ("we," "our," or "the extension") is a browser extension designed for developers, ad operations teams, and technical professionals to debug and analyze advertising technology (adtech) network requests. This privacy policy explains how we handle data when you use AdFlow Network Inspector.

                Our Core Privacy Principle: Your data stays on your device by default. We do not 
                collect, store, or transmit any of your browsing data to our servers unless you explicitly enable 
                optional AI-powered features.
            

1. Data Collection and Usage

1.1 What Data the Extension Accesses

To provide debugging functionality, AdFlow Network Inspector intercepts and analyzes network requests made by websites you visit. This includes:

URLs and domains of network requests
HTTP headers (both request and response)
Request and response payloads (body content)
Timing information (when requests started, duration, etc.)
Page DOM elements (when using the element picker feature)

1.2 How Data is Stored

All captured data is stored locally in your browser using Chrome's built-in storage APIs. Specifically:

Network request data is stored in browser memory (RAM) while the extension is active
User preferences and settings are stored in chrome.storage.local
Data is cleared when you close the browser tab or navigate to a new page
No data is persisted across browser sessions unless explicitly saved by you using the export feature

Important: We do not have access to your locally stored data. It never leaves your device unless you explicitly use AI features (see section 2 below).

1.3 Data We Do NOT Collect

Personal browsing history
Passwords or authentication credentials
Credit card or payment information
Personal identification information (PII)
Analytics or usage telemetry
Cookies from websites you visit

2. AI-Powered Features (Optional)

AdFlow Network Inspector offers optional AI-powered analysis features to help explain network requests and detect issues. These features are opt-in and disabled by default.

2.1 Two Operation Modes

Direct Mode (Bring Your Own API Key)

You provide your own Anthropic Claude API key
The extension sends request data directly from your browser to Anthropic's API (https://api.anthropic.com)
Your API key is stored locally in chrome.storage.local on your device
We never see your API key or the data you send to Anthropic
You are subject to Anthropic's Privacy Policy

Backend Mode (Our Proxy Server)

Request data is sent to our backend proxy server (https://adflow-api.adflow.workers.dev)
Our server forwards the request to Anthropic's API using our API key
We do not log, store, or retain any of the data sent to our backend
Data is processed in-memory only and discarded immediately after generating the response
Our backend is hosted on Cloudflare Workers (covered by Cloudflare's Privacy Policy)

Data Sent to AI Services: When you use AI features, the following data from network requests may be sent to Anthropic's API:

Request URLs and domains
Decoded request/response payloads
HTTP headers (sanitized of sensitive tokens when possible)
Vendor and request type metadata

This data may contain advertising IDs, bid prices, or other ad-related information. Do not use AI features if you are analyzing requests containing sensitive or confidential data.

2.2 Disabling AI Features

You can disable AI features at any time by:

Opening the extension settings
Removing your API key (Direct Mode)
Switching AI mode to "Disabled"

The extension will continue to function normally for request capture and analysis without AI features.

3. Permissions Explanation

AdFlow Network Inspector requires the following browser permissions to function. Here's why we need each one:

3.1 `webRequest` Permission

Allows the extension to intercept and inspect network requests made by web pages. This is the core functionality that enables debugging of adtech requests.

3.2 `<all_urls>` Host Permission

Required to capture network requests from any website you visit. Advertising requests can come from hundreds of different domains, so we need broad access to analyze them effectively.

3.3 `storage` Permission

Used to save your preferences, settings, and optionally your AI API key locally on your device.

3.4 `tabs` and `webNavigation` Permissions

Allows the extension to track which browser tab each request belongs to and reset capture when you navigate to a new page.

3.5 `scripting` Permission

Enables the element picker feature that lets you select ad slots on the page to see related network requests.

3.6 `sidePanel` Permission

Displays the extension's user interface in Chrome's side panel for easier debugging.

4. Data Sharing and Third Parties

4.1 Third-Party Services

AdFlow Network Inspector may interact with the following third-party services only when you explicitly enable AI features:

Anthropic Claude API - AI language model for request analysis (Privacy Policy)
Cloudflare Workers - Hosting for our optional backend proxy (Privacy Policy)

4.2 No Data Selling

We do not sell, rent, or trade your data to third parties. We do not monetize user data in any way.

4.3 No Analytics or Tracking

AdFlow Network Inspector does not include any analytics, tracking, or telemetry. We do not collect information about how you use the extension.

5. User Control and Data Deletion

5.1 Viewing Your Data

All data captured by the extension is visible directly in the extension's interface. You can review network requests, headers, and payloads at any time.

5.2 Deleting Your Data

You have complete control over your data:

Clear current session: Click the "Clear" button in the extension to remove all captured requests from memory
Close tab: Request data for a tab is automatically cleared when you close the tab
Uninstall extension: Removes all stored settings and data from your browser
Remove API key: Delete your stored API key from the settings panel at any time

5.3 Exporting Your Data

The extension allows you to export captured requests as JSON or PDF for your own records. This export is saved to your local device only.

6. Security

6.1 API Key Storage

If you choose to use Direct Mode with your own API key:

API keys are stored in Chrome's secure local storage (chrome.storage.local)
Keys are never transmitted to our servers
We recommend using API keys with minimal permissions or spending limits

Security Note: While chrome.storage.local is more secure than regular browser storage, API keys stored this way are still accessible to the extension itself. For maximum security, consider using Backend Mode where you don't need to provide your own API key.

6.2 Secure Connections

All external communications (to Anthropic API or our backend) use HTTPS encrypted connections.

6.3 No Backend Data Retention

When using Backend Mode, our proxy server:

Processes requests in-memory only
Does not write data to disk or databases
Does not retain logs of request content
Discards all data immediately after generating responses

7. Children's Privacy

AdFlow Network Inspector is a developer tool not intended for use by children under 13. We do not knowingly collect information from children.

8. Changes to This Policy

We may update this privacy policy from time to time. Changes will be reflected by updating the "Last Updated" date at the top of this page. For material changes, we will notify users through the extension's interface or Chrome Web Store listing.

Continued use of the extension after policy changes constitutes acceptance of the updated policy.

9. Legal Basis for Data Processing (GDPR)

For users in the European Economic Area (EEA), our legal basis for processing data is:

Legitimate Interest: Providing debugging functionality for adtech requests
Consent: For optional AI features, we rely on your explicit consent when you enable these features and provide an API key or choose to use our backend

You have the right to withdraw consent at any time by disabling AI features or uninstalling the extension.

10. Contact Information

If you have questions, concerns, or requests regarding this privacy policy or how we handle data, please contact us:

Email: privacy@adflow-inspector.dev
GitHub Issues: GitHub Repository

Data Protection Rights: If you believe we are not handling your data in accordance with this policy, you have the right to lodge a complaint with your local data protection authority.