Privacy Policy — Active WebAuditor (Chrome Extension)
Last updated: 18 June 2026
Publisher: Webdezign Ltd
Contact: support@webdezign.co.uk
Extension Proxy Base: https://api.support.webdezign.co.uk
1. Overview
Active WebAuditor (“the Extension”) is a Chrome browser extension that provides website health, SEO, performance, and security insights for any website you visit. This Privacy Policy explains what data the Extension collects, how it is used, and how it is stored.
2. Data Collected
2a. Data Collected Automatically (without user action)
When you visit a webpage the Extension reads the live DOM (Document Object Model) of the active tab. The following information is collected from the current page only:
| Data type | Purpose |
| Page URL | Identify which page is being audited |
| Page title & meta tags | SEO analysis |
| Heading structure (H1–H6) | SEO analysis |
| Image attributes (src, alt, loading) | SEO / accessibility analysis |
| Link attributes (href, rel, target) | SEO / security analysis |
| Inline and external script content | Tracking tag detection (GA4, GTM, etc.) |
| Structured data (JSON-LD) | Schema/SEO analysis |
| Open Graph & Twitter Card tags | Social media analysis |
| Performance timing via PerformanceAPI | Page speed analysis |
| Word count from visible body text | Content quality analysis |
| WordPress detection signals | WordPress-specific health checks |
This data is never transmitted to Webdezign servers or any third party. It stays entirely within your browser.
2b. Data Collected with User Action (optional features)
| Feature | Data | Destination |
| Lighthouse / PageSpeed scan | Page URL | Sent to our backend proxy (https://api.support.webdezign.co.uk/api/lighthouse), which calls Google PageSpeed Insights. Falls back to googleapis.com directly if the proxy is unavailable. |
| Carbon footprint check | Page URL | Sent to our backend proxy (https://api.support.webdezign.co.uk/api/carbon), which calls Website Carbon API. Falls back to api.websitecarbon.com directly if the proxy is unavailable. |
| DNS email deliverability check | Domain name | Sent to https://dns.google/resolve (public DNS-over-HTTPS, no account required) |
| Security exposure checks | Domain name | HTTP HEAD requests sent directly to the target website being audited (e.g. /xmlrpc.php, /.htaccess) — no data leaves to Webdezign servers |
2c. Data Stored Locally
The Extension stores the following exclusively on your local device using chrome.storage.local and chrome.storage.session:
| Data | Storage | Persistence |
| Site domains and API tokens | chrome.storage.local | Retained until you remove them |
| Scan history snapshots (max 30 per domain) | chrome.storage.local | Retained until cleared |
| PSI / Gemini API keys (if provided by user) | chrome.storage.local | Retained until changed or deleted |
| DOM data from current tab | chrome.storage.session | Cleared on browser restart |
2d. Data Synced Across Devices
Non-sensitive preferences (auto-scan toggle, notification toggle, scan schedule, performance budget) may be synced via chrome.storage.sync across your signed-in Chrome profiles. API keys and tokens are explicitly excluded from sync and are stored locally only.
3. Data NOT Collected
We do not collect, transmit, or store:
- Your browsing history
- Passwords or form input values
- Payment information
- Personal identification information
- Cookies or session data
- Any data for advertising or profiling purposes
4. Third-Party Services
The Extension may contact the following external services when you explicitly trigger a scan:
| Service | URL | Purpose | Their Privacy Policy |
| Google PageSpeed Insights | https://www.googleapis.com/pagespeedonline/v5/runPagespeed | Lighthouse performance audit (fallback only) | Google Privacy Policy |
| Webdezign Backend Proxy — Lighthouse | https://api.support.webdezign.co.uk/api/lighthouse | Cached Lighthouse/PSI results (primary path) | This policy |
| Webdezign Backend Proxy — Carbon | https://api.support.webdezign.co.uk/api/carbon | Cached CO₂ footprint results (primary path) | This policy |
| Website Carbon API | https://api.websitecarbon.com | CO₂ footprint estimate (fallback only) | websitecarbon.com/privacy |
| Google DNS-over-HTTPS | https://dns.google/resolve | MX/SPF/DMARC/DKIM record lookups | Google Privacy Policy |
The Webdezign backend proxy (api.support.webdezign.co.uk) receives only the page URL being scanned. Results are cached server-side for 1 hour (Lighthouse) and 2 hours (Carbon footprint). No user identification data, no cookies, and no personal information are transmitted to or stored by the proxy. The proxy is rate-limited to 20 requests/minute per IP for Lighthouse and 15/minute for Carbon.
5. Permissions Justification
| Permission | Reason |
activeTab | Read the current page’s DOM to perform SEO, heading, image, link and tracking analysis |
tabs | Detect the active tab URL to show per-page audit results |
storage | Save site tokens, user settings and scan history locally on your device |
scripting | Inject the content script into the active tab to collect on-page signals |
downloads | Allow you to export audit reports as PDF files |
alarms | Schedule periodic background site health checks |
notifications | Alert you when a monitored WordPress site has new vulnerabilities or pending updates |
host_permissions (http/https) | The Extension must be able to read any website you navigate to in order to perform the audit |
6. Data Retention & Deletion
- Scan history is retained locally for up to 30 snapshots per domain.
- All stored data (tokens, settings, history) can be deleted at any time by removing the Extension from Chrome, or by using the Settings panel within the Extension.
- Removing the Extension permanently deletes all locally stored data.
7. Children’s Privacy
This Extension is not directed at children under the age of 13. We do not knowingly collect any personal information from children.
8. Changes to This Policy
We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page will reflect any changes. Continued use of the Extension after changes constitutes acceptance of the revised policy.
9. Contact
If you have any questions about this Privacy Policy, please contact:
Webdezign Ltd
Email: support@webdezign.co.uk
Website: https://webdezign.co.uk
Extension Proxy URL: https://api.support.webdezign.co.uk
Privacy Policy URL (for Chrome Web Store): https://webdezign.co.uk/active-auditor-privacy
Write to us
or call the number 020 8446 1515