Knoxy Extension Privacy Policy

This policy applies to the Knoxy Chrome extension that pairs a browser with a Knoxy account to search, reveal, and autofill credentials after explicit user approval.

Data Stored In The Browser

A device-specific ECDSA key pair used to sign extension API requests.
The browser/device label shown during pairing, such as Chrome on Windows.
The paired device ID after you approve the browser.
A short-lived unlock session token stored in session storage until the browser closes or the session expires.

Data Sent To Knoxy

Signed pairing and unlock requests sent to the Knoxy service.
The extension version and device name attached to pairing requests.
Approved device records tied to your Knoxy account after you approve pairing.
Credential query, fill, search, and reveal requests only after you unlock the extension.

How The Extension Uses Site Access

The extension runs on HTTPS pages to detect login forms, show an autofill button near password inputs, and fill credentials only after you unlock the extension and choose a credential.

Knoxy does not automatically submit forms. Credential lookup is limited to the hostname of the current page and server-side host matching rules.

Data Sharing And Retention

The extension does not sell personal data.
The extension does not use third-party advertising trackers.
The extension does not send your private signing key to the server.
The extension does not inject remote code into pages.

Pairing records, device records, and extension audit events are retained by the Knoxy service for account security and device management. You can revoke a paired browser from the Knoxy settings page.

Contact

Product site: https://knoxy.ziadhussein.com

Support information for Chrome Web Store users is available at /extension/support.