# Privacy Policy — AI Writing Highlighter

_Last updated: 2026-05-27_

## Short version

This extension does not collect, transmit, sell, or share any personal
data. It does not include any analytics or telemetry. All page analysis
happens locally in your browser. The only network request it ever makes
is a fetch of its public pattern guide from a single named endpoint.

## What the extension does

The extension scans visible article-like text and social feed text on pages you visit and
highlights passages that match a list of writing patterns commonly
found in AI-generated text. All matching happens in your browser using
JavaScript inside the extension. No content from the pages you visit
ever leaves your device.

## Data we collect

**None.** We do not collect, log, or transmit:

- The pages you visit
- The contents of any page
- Any matches found on any page
- Any account, cookie, device fingerprint, or personal identifier inside the extension
- Any usage analytics, click events, or telemetry

## Data stored locally

The extension uses `chrome.storage.local` to remember:

- Whether you have toggled highlighting on or off
- The most recent cached copy of the pattern guide
- Metadata about the most recent guide fetch (timestamp, ETag, version)
- The status of the most recent guide fetch (so the popup can tell you
  whether the guide is up to date)

This data is stored only on your device and is not transmitted anywhere.

## Network requests

The extension makes exactly one kind of network request: a `GET` to
`https://aiwritingguide.misterburton.com/api/guide.json`, sent on install and
then about once per day, to fetch updated pattern data. This request uses
conditional headers (`If-None-Match` and `If-Modified-Since`) so that
an unchanged guide returns `304 Not Modified` and is not downloaded again.

This request includes the same `User-Agent` and IP address that any
ordinary browser request to that endpoint would include. We do not
operate logging on that endpoint beyond standard webserver access
logs, which are not used for analytics or personalization.

## Third-party services

The extension does not embed or call any third-party analytics,
advertising, error reporting, or tracking services.

## Remote code

The extension does not execute any remotely loaded JavaScript. The
pattern guide it fetches contains only data (strings and regex
patterns). Regex patterns are compiled with `new RegExp(...)` inside a
`try/catch`; any pattern that fails to compile is skipped. Patterns
longer than 500 characters are rejected, and matching is capped at 40 ms
per paragraph to limit ReDoS risk. Guide payloads are accepted only when
they declare Wikipedia's Signs of AI writing page as their source.
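
The checks described above, as an added JavaScript example that is not the extension's own code. The guide field names (`source`, `patterns`, `id`, `regex`) and the source string are assumptions; the 500-character and 40 ms limits come from this policy. JavaScript cannot interrupt a single `exec()` call, so the budget is checked between matches and between patterns.

```javascript
// Assumed guide shape (not from the policy): { source, patterns: [{ id, regex }] }
const EXPECTED_SOURCE = "Wikipedia:Signs of AI writing"; // assumed declaration string
const MAX_PATTERN_LENGTH = 500; // limit stated in the policy
const BUDGET_MS = 40;           // per-paragraph cap stated in the policy

// Turn an untrusted guide payload into compiled patterns, treating it as data only.
function compileGuide(guide) {
  if (!guide || guide.source !== EXPECTED_SOURCE || !Array.isArray(guide.patterns)) {
    return { accepted: false, compiled: [], skipped: [] };
  }
  const compiled = [], skipped = [];
  for (const entry of guide.patterns) {
    const text = entry && entry.regex;
    if (typeof text !== "string" || text.length === 0 || text.length > MAX_PATTERN_LENGTH) {
      skipped.push({ id: entry && entry.id, reason: "length-or-type" });
      continue;
    }
    try {
      // Flags are fixed locally rather than taken from the payload.
      compiled.push({ id: entry.id, re: new RegExp(text, "gi") });
    } catch {
      skipped.push({ id: entry.id, reason: "compile-error" });
    }
  }
  return { accepted: true, compiled, skipped };
}

// Scan one paragraph and stop once the time budget is spent.
// The clock is read only between regex calls; one slow exec() still runs to completion.
function scanParagraph(text, compiled, budgetMs = BUDGET_MS, now = () => performance.now()) {
  const deadline = now() + budgetMs;
  const matches = [];
  for (const { id, re } of compiled) {
    if (now() > deadline) return { matches, truncated: true };
    re.lastIndex = 0;
    let m;
    while ((m = re.exec(text)) !== null) {
      matches.push({ id, index: m.index, text: m[0] });
      if (m[0].length === 0) re.lastIndex++; // do not spin on empty matches
      if (now() > deadline) return { matches, truncated: true };
    }
  }
  return { matches, truncated: false };
}

// Constructed sample payload: one valid, one uncompilable, one over-length pattern.
const SAMPLE_GUIDE = { source: EXPECTED_SOURCE, patterns: [
  { id: "a", regex: "delve into" }, { id: "b", regex: "(unclosed" }, { id: "c", regex: "x".repeat(501) },
] };
```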

## Permissions and why we need them

- `storage` — to cache the pattern guide and your on/off preference
- `alarms` — to schedule the daily guide refresh
- `activeTab` — to read the active tab and send messages to the content
  script when you open the popup
- Host permission for `https://aiwritingguide.misterburton.com/*` — to
  fetch the daily guide
- Content script match for `<all_urls>` (declared in `manifest.json`,
  not a host permission) — to run the local scanner on pages you visit
  so it can highlight inline

## Contact

If you have any questions about this policy, see the install notes and
support information at <https://aihighlighter.misterburton.com/README.md>.
