Privacy Policy — DraftGuard

DraftGuard is a Chrome extension that auto-saves what you type into web forms, helps you recover lost form data, and lets you reuse your saved answers on similar forms. This policy explains, in plain language, exactly what data DraftGuard handles and how.

Short version

All your data stays on your device, in your browser's local storage.
DraftGuard has no servers, no accounts, and no analytics.
DraftGuard never saves passwords or payment fields.
DraftGuard never transmits your typed content to anyone — including the developer. There is no mechanism by which we could read your data, because it never leaves your computer.

What DraftGuard stores

When you type into a form on a website you visit, DraftGuard saves a snapshot of the field values. A snapshot includes:

The text you typed into each monitored field.
Descriptive metadata about each field (its label, name, id, placeholder, field type, and section/legend if any) — used to help match similar forms across different sites.
The page title and URL of the form.
A timestamp.

Templates you choose to create from the popup and any settings you change are also stored locally. All of this is stored exclusively in your browser's IndexedDB on your own device.

What DraftGuard does NOT store

DraftGuard automatically detects and skips:

Password fields (<input type="password">).
Credit card numbers, CVV codes, expiration dates, and any field that looks like a payment field by name, label, autocomplete attribute, or surrounding container context.
Hidden form fields (<input type="hidden">).
File upload fields (<input type="file">).

These rules are hardcoded at the field-detection layer. They cannot be disabled, even in Settings.

Where your data lives

Every snapshot, template, and setting is stored locally on your device in your browser's IndexedDB.
DraftGuard does not operate any backend servers.
DraftGuard does not have a database that contains your data.
DraftGuard does not have any account system, user identifiers, or login.
The developer has no technical mechanism to access your data. Your data exists only on the device(s) where you have DraftGuard installed.

What DraftGuard sends to remote servers

Nothing about you or your typed content.

DraftGuard makes no network requests for analytics, telemetry, error reporting, update checks against a remote server, or remote script loading. All code and assets are bundled with the extension itself.

One incidental remote request exists: the Templates and Typing History tabs of the popup load small site icons (favicons) from Google's public favicon service (https://www.google.com/s2/favicons) so you can visually identify which site each saved draft came from. Only the domain name of the site you saved (which is already public information) is sent in those requests; none of your typed content is included. If you'd prefer no requests at all, you can blacklist google.com from Settings — the favicons will simply not load and DraftGuard will continue to work normally.

Permissions DraftGuard requests, and why

storage — to save your drafts, templates, settings, and dismissed prompts on your device.
tabs — to identify which tab is currently active so the popup can show drafts that match your current page.
activeTab — to read the values of form fields on the page you're currently using, so it can save and restore them.
alarms — to schedule periodic local cleanup of drafts older than your data-retention setting (default: 30 days).
<all_urls> host permission — so DraftGuard can offer to recover or reuse your work on any website you choose to use it on. You can blacklist any domain individually so it never runs there.

Sites where DraftGuard never runs

Any domain you add to your blacklist in Settings.
Any domain you silence via the "Don't show on this site" link in the recovery bar.
Any URL whose path contains /checkout, /payment, or /billing.
Any field detected as a password or payment field, on any site.

Your data, your control

You can, at any time:

Export all your saved data as a JSON file (Settings → Privacy → Export).
Import a previously exported JSON file.
Delete a single draft, every draft from a specific domain, or all drafts you've ever saved.
Add any domain to the blacklist so DraftGuard never runs on it.
Disable DraftGuard entirely from the Settings page.

When you uninstall DraftGuard, Chrome removes the extension's local storage along with it. All saved drafts are deleted automatically and there is nothing left for anyone — including the developer — to recover, because there were never any external copies.

Third parties

DraftGuard has no third-party SDKs, no third-party analytics, no advertising networks, and no third-party data processors. The only outbound network call made by the extension is to Google's public favicon service, described above.

Children

DraftGuard does not knowingly collect personal data from anyone, including children under 13. Because DraftGuard does not transmit data anywhere, there is no central system that could contain a child's data.

Changes to this policy

If we ever change how DraftGuard handles data, this document will be updated and the "Last updated" date at the top will change. Material changes will be mentioned in the extension's release notes on the Chrome Web Store.

Contact

For privacy questions, open an issue on the DraftGuard project repository. DraftGuard is a privacy-first project — if anything in this policy is unclear or you spot something concerning, please reach out.