-
Notifications
You must be signed in to change notification settings - Fork 0
Security & Privacy Policy
Gautam Kumar edited this page Jan 8, 2026
·
2 revisions
SafePaste was built on the principle that your data should never leave your RAM.
-
No Server-Side: There is no backend. No data is sent to
gautamjkr.github.ioor any other domain. -
In-Memory Only: The "Ghost Map" (the link between
<PHONE_1>and+1-555...) exists only in the volatile memory of the content script. Once the page is refreshed or the tab is closed, the map is destroyed.
We adhere to the Principle of Least Privilege:
-
Host Permissions: Limited strictly to
chatgpt.comandgemini.google.com. The extension cannot read your data on bank sites, social media, or other sensitive pages. - Clipboard Access: Only triggered on the specific SafePaste shortcut.
All detection logic is contained in src/piiDetector.ts. We use no external NPM libraries for the detection itself to prevent Supply Chain Attacks.