ProtoConsent
ProtoConsent
← Back to home

Privacy Policy

Last updated: April 2026

Short version

ProtoConsent does not collect, store, or share any personal data. Everything runs in your browser. There is no backend, no analytics, no tracking.

What data the extension handles

ProtoConsent stores your per-site purpose preferences (profile, purpose toggles, and operating mode) and your domain whitelist in your browser's local extension storage (chrome.storage.local). This data never leaves your device.

The extension does not:

  • Collect browsing history or page content
  • Send data to any server or third party
  • Use cookies, analytics, or telemetry
  • Create user accounts or identifiers
  • Access or read personal information

What the extension does locally

  • Reads the current tab URL to identify which domain you are managing
  • Stores your purpose preferences and domain whitelist per site in local storage
  • Creates declarative network rules to block requests matching denied purposes and to allow whitelisted domains
  • Sends a Sec-GPC: 1 header to sites where privacy-relevant purposes are denied
  • Optionally writes temporary consent cookies on sites that use known consent management platforms (CMPs), based on your purpose preferences (experimental, disabled by default). These cookies are deleted automatically after 5 seconds. No data is sent to any server; cookies are written locally in your browser.
  • Detects CMP consent banners via CSS selectors and optionally hides them with injected styles. No data leaves your browser.
  • Reads consent cookies set by CMPs to display their consent status in the Log tab (read-only, no modification).
  • Reads localStorage entries from known CMPs (e.g. Usercentrics, CCM19) and probes standard consent APIs (TCF, GPP) to detect consent frameworks. This runs in the page context (MAIN world), is strictly read-only, and no data is sent anywhere.
  • Removes high-entropy Client Hints headers (Sec-CH-UA-*) when advanced tracking is denied, reducing browser fingerprinting surface. No data is sent; headers are removed before the request leaves your browser.
  • Strips known tracking parameters from URLs (e.g. utm_source, fbclid) using browser redirect rules. The original URL is rewritten locally before the request is sent. No data is collected or transmitted.
  • Fetches .well-known/protoconsent.json from sites when you open the side panel in the popup, to display their declared data practices (cached locally, never forwarded)
  • Queries matched blocking rules to display request counts in the popup
  • Downloads optional third-party enhanced list data from public CDN sources (jsDelivr, GitHub) when Enhanced Protection is enabled. Sync is on by default and can be disabled in Purpose Settings. Lists refresh automatically on a configurable interval (default: every 24 hours). Only the list file is fetched - no personal data, cookies, or identifiers are sent. Downloaded lists are stored locally in your browser.
  • Provides a right-click context menu on the extension icon for quick access to operating mode, feature toggles (cookie banner management, cosmetic filters, privacy signals), site whitelist, and settings. No data is collected; all actions modify local preferences only.

Permissions and why they are needed

Permission Why it is needed
tabs Read the active tab URL to apply per-site rules
storage Persist preferences locally in the browser
scripting Register content scripts at runtime (GPC signal, TCF/GPP detection, CMP banner detection)
declarativeNetRequest Create and manage blocking and header rules
declarativeNetRequestFeedback Count blocked requests for the popup display
webRequest Observe blocked requests and GPC headers in real time for the Log tab (read-only, no modification)
webNavigation Detect URL parameter stripping by comparing URLs before and after navigation
unlimitedStorage Store downloaded enhanced list data locally (lists can be large)
alarms Schedule periodic refresh of downloaded enhanced lists in the background
contextMenus Add a right-click menu on the extension icon for quick access to mode switching, feature toggles, and site whitelist
host_permissions (<all_urls>) Required by declarativeNetRequest, scripting, and webRequest to operate across all domains

No data is collected, transmitted, or shared. No remote code execution. No analytics. All preferences are stored locally in your browser.

The website (protoconsent.org)

protoconsent.org is a static site hosted on GitHub Pages. It does not use cookies, analytics, ads, or any form of tracking. No personal data is collected, stored, or shared.

This site publishes a .well-known/protoconsent.json file declaring its own data practices, which the extension can read.

The declaration validator (validate.html) can check a domain's .well-known/protoconsent.json file via a proxy hosted on third-party infrastructure (currently Cloudflare Workers, at api.protoconsent.org). When you use this feature, the domain you enter is sent to the proxy to fetch the file. The infrastructure provider may log standard request metadata (IP address, timestamp). No personal data is stored by ProtoConsent beyond the provider's standard logging. Paste and file upload validation run entirely in your browser with no network requests.

Open source

The extension source code is publicly available at github.com/ProtoConsent/ProtoConsent under GPL-3.0+. You can inspect exactly what the extension does.

Contact

Questions about this policy: contact@protoconsent.org.

Changes to this policy

If this policy changes, the updated version will be published at this URL. The extension does not auto-update policies or collect version information.