
CLOAK GUARDIAN PRIVACY POLICY

Last Updated: June 2, 2025

Thank you for using CloakGuardian, a Chrome browser extension designed to enhance your online security and privacy. This Privacy Policy explains how CloakGuardian collects, uses, stores, and protects your data when you use the extension. By installing and using CloakGuardian, you agree to the practices described in this policy.

1. Overview

CloakGuardian provides features to protect your online experience, including ad and malicious domain blocking, HTTPS enforcement, cookie management, IP address display, VPN proxy configuration, DNS management prompts, WebRTC disabling, password strength checking, and browser fingerprinting protection. We are committed to transparency and minimizing data collection to only what is necessary for the extension’s functionality.

2. Data We Collect

CloakGuardian operates primarily on your device and collects minimal data to provide its features. Below is a detailed breakdown of the data we collect and how it is used:

a. Data Processed by the Extension

  • IP Address:

    • Purpose: CloakGuardian fetches your public IP address using the third-party service api.ipify.org to display it in the extension’s popup, helping you monitor your network status (e.g., when using a VPN).

    • Storage: The IP address is not stored locally or transmitted beyond the initial display.

    • Sharing: No data is shared with api.ipify.org beyond the request itself.

  • Cookies:

    • Purpose: CloakGuardian allows you to view and delete cookies for the current website and can block cookie transmission in HTTP headers to enhance privacy.

    • Storage: Cookies are accessed temporarily to display in the popup and are not stored by the extension.

    • Sharing: No cookie data is transmitted or shared with third parties.

  • Website URLs and Domains:

    • Purpose: CloakGuardian analyzes URLs and domains to block ads, malicious domains, and fingerprinting scripts, enforce HTTPS, and apply fingerprinting protections. This includes:

      • Comparing domains against URLhaus (urlhaus.abuse.ch) for malicious domain blocking.

      • Comparing URLs against EasyPrivacy (easylist.to) for fingerprinting script blocking.

      • Checking HTTPS availability for HTTP URLs.

    • Storage: URLs are processed in real-time and not stored, except for:

      • Cached HTTPS availability (httpsCache) stored locally in chrome.storage.local.

      • Excluded sites (userSettings.excludedSites) stored locally for user-defined fingerprinting exemptions.

    • Sharing: No URLs or domains are shared with third parties, but requests are made to URLhaus and EasyPrivacy (see Section 3).

  • Browser and Device Properties:

    • Purpose: CloakGuardian spoofs properties like screen.width, screen.height, navigator.plugins, and navigator.getBattery to prevent browser fingerprinting. It also monitors API calls (e.g., canvas, WebGL) to detect suspicious activity.

    • Storage: Spoofed values are cached locally in chrome.storage.local as screenSpoof and pluginSpoof to maintain consistency during a session. These are cleared after 24 hours.

    • Sharing: No browser or device properties are transmitted or shared.

  • User Settings:

    • Purpose: CloakGuardian stores user preferences, such as:

      • Toggle states for ad blocking, cookie blocking, HTTPS enforcement, WebRTC disabling, and fingerprinting protection.

      • Custom User-Agent (userSettings.customUserAgent) for spoofing.

      • Excluded sites (userSettings.excludedSites) for fingerprinting exemptions.

      • Custom DNS settings (customDNS) for user reference.

    • Storage: Stored locally in chrome.storage.local and not transmitted.

    • Sharing: No user settings are shared with third parties.

  • Analytics Data:

    • Purpose: CloakGuardian tracks the number of blocked requests (ads, malicious domains, fingerprinting scripts) and canvas tampering events to display in the popup’s analytics dashboard.

    • Storage: Stored locally in chrome.storage.local as blockedCount, fingerprintingBlocks, and canvasTamperCount.

    • Sharing: No analytics data is transmitted or shared.

  • Password Input:

    • Purpose: CloakGuardian analyzes password fields to provide real-time strength feedback (e.g., “Strong” or “Weak”).

    • Storage: Passwords are processed in-memory and not stored or transmitted.

    • Sharing: No password data is shared with third parties.

b. Data Not Collected

CloakGuardian does not collect:

  • Personally identifiable information (e.g., name, email, or address).

  • Browsing history beyond real-time URL processing for blocking or HTTPS enforcement.

  • Data from page content beyond password fields and API call monitoring.

3. Third-Party Services

CloakGuardian relies on the following third-party services to function. We do not share personal data with these services beyond what is necessary for their operation.

  • URLhaus (urlhaus.abuse.ch):

    • Purpose: Provides a list of malicious domains for blocking.

    • Data Shared: CloakGuardian fetches the domain list via HTTPS. No user data is sent to URLhaus.

    • Frequency: Updated every 6 hours.

    • Privacy: URLhaus is a public, open-source service operated by abuse.ch. No user data is collected by URLhaus during these requests.

  • EasyPrivacy (easylist.to):

    • Purpose: Provides a list of fingerprinting scripts and trackers for blocking.

    • Data Shared: CloakGuardian fetches the EasyPrivacy list via HTTPS. No user data is sent to EasyPrivacy.

    • Frequency: Updated every 6 hours, with a local fallback file if fetching fails.

    • Privacy: EasyPrivacy is a community-maintained, open-source blocklist. No user data is collected during these requests.

  • IPify (api.ipify.org):

    • Purpose: Retrieves your public IP address for display in the popup.

    • Data Shared: A simple HTTPS request is made, with no user data sent.

    • Frequency: On-demand when opening the popup.

    • Privacy: IPify’s privacy policy (available at https://www.ipify.org) governs its handling of request metadata (e.g., your IP address).

4. Data Storage and Security

  • Local Storage: All data processed by CloakGuardian (e.g., httpsCache, screenSpoof, pluginSpoof, userSettings, blockedCount, fingerprintingBlocks, canvasTamperCount) is stored locally on your device using Chrome’s chrome.storage.local API. This data is accessible only to the extension and is not transmitted to any servers.

  • Cache Management:

    • HTTPS Cache: Stores domain HTTPS availability for up to 24 hours, with a limit of 1000 entries. Older or less-used entries are removed automatically.

    • Spoofing Cache: screenSpoof and pluginSpoof are cleared after 24 hours to refresh randomization.

    • Blocklists: URLhaus and EasyPrivacy lists are cached locally and updated every 6 hours.

  • Security: Data is stored securely within Chrome’s storage system, protected by the browser’s sandboxing. No data is stored in plain text outside the extension’s secure context.

5. Data Handling Practices

  • No Transmission: CloakGuardian does not transmit any user data to external servers, except for requests to URLhaus, EasyPrivacy, and IPify as described in Section 3. These requests do not include personal data.

  • No Sharing: We do not share, sell, or disclose any data collected by CloakGuardian to third parties, except as required by law.

  • User Control:

    • You can disable features (e.g., fingerprinting protection, HTTPS enforcement) via the popup, reducing data processing.

    • You can clear all stored data by uninstalling the extension, which removes all chrome.storage.local data.

    • Excluded sites in userSettings.excludedSites allow you to bypass fingerprinting protections for specific domains.

6. Permissions

CloakGuardian requires the following Chrome permissions to function:

  • <all_urls>: To monitor and block requests (ads, malicious domains, fingerprinting scripts), enforce HTTPS, and apply fingerprinting protections across all websites.

  • webRequest, webRequestBlocking: To intercept and modify network requests for blocking and HTTPS redirection.

  • cookies: To view, delete, and block cookies.

  • storage: To store blocklists, caches, user settings, and analytics data locally.

  • privacy: To disable WebRTC for privacy.

  • tabs: To access the current tab’s URL for cookie management and IP display.

  • scripting: To inject content scripts for fingerprinting protection and password strength checking.

  • declarativeNetRequest: Reserved for potential future blocking enhancements.

These permissions are used solely for the extension’s intended functionality and are not abused for unauthorized data collection.

7. User Rights

You have full control over the data processed by CloakGuardian:

  • Access: View stored data (e.g., blocked counts, user settings) via the popup or Chrome’s storage inspector.

  • Modification: Change settings (e.g., toggles, User-Agent, excluded sites) at any time.

  • Deletion: Uninstall CloakGuardian to remove all locally stored data. No data persists after uninstallation.

  • Opt-Out: Disable specific features via the popup to opt out of associated data processing.

8. Compliance with Laws

CloakGuardian is designed to comply with privacy laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), where applicable. Since we collect no personally identifiable information and store data locally, our compliance obligations are minimal. However, we are committed to addressing any legal requests or concerns promptly.

9. Updates to This Policy

We may update this Privacy Policy to reflect changes in CloakGuardian’s features or legal requirements. The latest version will be available within the extension’s documentation or on our website (if applicable). Significant changes will be communicated via the Chrome Web Store listing or an in-extension notification. This policy is governed by the laws of the Netherlands.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or CloakGuardian’s data practices, please contact us at:

We aim to respond to all inquiries within 7 business days.
