Public documentation
Privacy and local data handling
Local-first processing, browser storage, exports, clearing controls, and privacy boundaries.
Local-first boundary
The documented extension package processes scan evidence in the browser. It does not declare a developer-operated scan server, developer scan database, hosted AI API, analytics pipeline, telemetry endpoint, or remote axe-core CDN for scan processing.
What can be stored locally
| Local data | Purpose | Clearing approach |
|---|---|---|
| Settings and preferences | Theme, panel state, feature preferences, and review workflow settings where supported. | Use extension local data controls or browser extension storage removal. |
| Scan history and issue state | Previous scans, counts, selectors, snippets, review decisions, and local workflow state. | Clear from the extension where supported before ending sensitive work. |
| Browser Preference QA Controls state | Temporary preview settings, tester observations, and QA report selection state for extension-side browser preference review. | Reset active previews and clear local data when the review window ends. |
| Dormant contrast-review state | Older contrast-review decisions may remain for compatibility, but the active extension UI does not expose the former Contrast Inspector workflow. | Clear local data when retained contrast-review evidence is no longer needed. |
| Screen Reader Review state | Notes, expected order, and review workflow evidence. | Clear if no longer needed. |
| Spelling allowlist | Reviewer-approved terms and local dictionary decisions. | Remove entries when no longer appropriate. |
What exported files may contain
Exports can include page URLs, titles, selectors, snippets, issue descriptions, severity, classification, status, source engine, source rule ID, WCAG tags, POUR mapping, diagnostics, timestamps, review status, user notes, selected module evidence, Browser Preference QA Controls observations, HTML QA report dashboard rows, visible-tab screenshot image data where Chrome permits capture, and contrast diagnostics. Treat exports as sensitive even when scan processing is local.
What is not sent to a server by the documented package
- No scan results are sent to a developer-operated scan server.
- No browsing history is sent to a developer database.
- No analytics or telemetry endpoint is declared for scan processing.
- No hosted AI API is used in the extension scan path.
- No remote axe-core CDN is used.
Clearing local data
- 1
Use built-in clear controls where supported
Clear scan history, workflow state, review notes, and other local state from the extension UI where available.
- 2
Remove browser extension storage if needed
Browser extension management can remove extension storage when the extension is removed or reset.
- 3
Delete exported files separately
Exports are user files. Remove them from downloads, tickets, shared drives, and evidence stores according to policy.