Public documentation
Privacy policy
Plain-language privacy disclosure for the documented A11Y Cat Extension public extension package.
Scope
This privacy policy describes the documented A11Y Cat Extension public extension package. It does not describe unrelated legacy bookmarklet workflows or any future hosted service unless a release note explicitly adds one.
Processing model
The extension processes scan evidence locally in the browser for the documented local-first workflow. It uses packaged local scripts, local axe-core, local spelling assets, browser extension storage where supported, and user-triggered exports.
Data handled
| Data category | Why it is used | Where it may go |
|---|---|---|
| Page URL and title | Scan context, history, diagnostics, exports. | Local storage and user-triggered exports. |
| DOM selectors and snippets | Issue details, highlighting, evidence, remediation handoff. | Local scan state and exports. |
| Text and metadata | Language, spelling, link, heading, metadata, and review checks. | Issue evidence and exports where included. |
| Browser Preference QA Controls data | Temporary extension-side preview values, computed style evidence, inspection summaries, tester observations, and QA report selection state. | Local panel state and user-triggered JSON or HTML QA report exports. |
| Diagnostics | Troubleshooting permissions, runtime, storage, frames, and limitations. | Diagnostics export if user creates it. |
| Screenshots where captured | Visible-tab QA report context where Chrome permits capture. | HTML report export if user triggers it. |
| User notes and review state | Manual workflow tracking and handoff. | Local storage and exports. |
No declared developer data collection in extension scan path
- No developer-operated scan server.
- No developer database for scan results or browsing history.
- No analytics or telemetry endpoint declared for scan processing.
- No hosted AI API used for extension scan processing.
- No remote axe-core CDN.
User responsibility after export
Exported evidence is controlled by the user or organisation after export. Apply your own retention, access, and deletion rules.