Privacy Policy - Web Vitals Extension Enhanced

Effective Date: November 10, 2025

Developer: jtax (jose@jtax.dev)

 TL;DR: Zero tracking, zero data collection. API calls only when you open Server/DNS/SEO tabs. All processing happens locally in your browser.

Single Purpose Statement

This extension provides comprehensive website performance, SEO, and infrastructure analysis by combining Core Web Vitals metrics with SEO analysis, domain authority estimation, security metrics, server geolocation and DNS record lookups. It allows developers and SEO professionals to analyze website performance, on-page optimization, hosting infrastructure, and DNS configuration without switching between multiple tools.

Data Collection

This extension collects zero user data. No personal information, browsing history, or user behavior is tracked, stored, or transmitted.

How It Works

Web Vitals Tab

Metrics calculated locally in your browser using Chrome's Web Vitals API
No data sent to external servers
All processing happens on your device

SEO Tab

Only activated when you manually open this tab
SEO Score calculated locally by analyzing page elements (meta tags, headings, images, links)
Domain Authority and Domain Rating estimated locally based on domain characteristics
Security Score obtained from Mozilla Observatory API (sends only the domain name)
All on-page analysis happens locally - no page content is transmitted externally
Only domain name is sent to Mozilla Observatory for security header analysis

Server Info Tab

Only activated when you manually open this tab
Sends only the domain name to ipwhois.app API for geolocation lookup
No personal data or browsing history transmitted
Response displayed directly to you and not stored

DNS Info Tab

Only activated when you manually open this tab
Queries Google's public DNS API with only the domain name
No personal data or browsing history transmitted
Response displayed directly to you and not stored

Third-Party API Services

This extension uses three free public APIs:

Mozilla Observatory - Security headers and HTTPS configuration analysis
ipwhois.app - Server geolocation data
Google DNS API - DNS record lookups

All services receive only the domain name being analyzed. No page content, personal data, or browsing history is transmitted. Review their privacy policies:

Mozilla Observatory: https://observatory.mozilla.org/
ipwhois.app: https://ipwhois.io/privacy
Google DNS: https://developers.google.com/speed/public-dns/privacy

What We Don't Do

No tracking or analytics
No cookies
No user accounts or authentication
No data storage or logging
No personal information collection
No browsing history access
No sale, transfer, or sharing of any data with third parties

Permission Justifications

tabs

Required to access the current tab's URL to display the domain name in the extension popup and to measure Web Vitals performance metrics and SEO elements for the active webpage.

storage

Required to save user preferences for the extension interface (such as selected tab view) locally in the browser. No data is sent externally. All storage is local to your device.

activeTab

Required to read the current webpage's URL and inject Web Vitals measurement scripts and SEO analysis code to calculate performance metrics (LCP, CLS, INP, FCP, TTFB) and analyze on-page SEO elements (meta tags, headings, images, structured data) on the active tab only.

scripting

Required to inject Web Vitals measurement code and SEO analysis scripts into the active webpage to collect performance metrics and analyze page elements. Scripts only execute on the current tab and only measure/analyze data locally. No page content is transmitted externally.

Host Permissions (:///)

Required to measure Web Vitals and analyze SEO on any website the user visits, and to make API calls to Mozilla Observatory, ipwhois.app and Google DNS for security, server and DNS information lookups. The extension only accesses sites when actively opened by the user.

Remote Code Usage

This extension does NOT use remote code.

All JavaScript code is included in the extension package. The extension makes HTTPS API calls to Mozilla Observatory, ipwhois.app and Google DNS APIs to fetch security headers, server geolocation and DNS records, but these are data requests, not code execution. No external JavaScript files are loaded or executed. No eval() or similar dynamic code execution is used.

Data Transfers

I certify that:

I do not sell or transfer user data to third parties
I do not use or transfer user data for purposes unrelated to the extension's single purpose
I do not use or transfer user data to determine creditworthiness or for lending purposes

Data Storage and Retention

All data is ephemeral and exists only while the extension popup is open. When you close the popup, everything is cleared from memory. The only persistent data is user interface preferences stored locally via chrome.storage.local.

SEO Analysis Data: All SEO scoring, domain authority estimation, and trust score calculations happen locally in your browser. Only the domain name is sent to Mozilla Observatory for security header analysis. No page content, meta descriptions, titles, or any other on-page elements are transmitted externally.

Open Source

This extension is open source. You can inspect all code at the GitHub repository to verify these privacy claims.

Changes to This Policy

If this policy changes, the effective date will be updated. Continued use of the extension constitutes acceptance of any changes.

Your Rights and Control

You have complete control over this extension. Uninstall it anytime from chrome://extensions and all functionality stops immediately. No data persists after uninstallation.

Contact

Questions or concerns? Email me at jose@jtax.dev

Last updated: November 10, 2025 | Web Vitals Extension Enhanced by jtax