Privacy Policy

1. Overview

IronGuard is designed with privacy as a fundamental principle, compliant with international privacy regulations including GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and LGPD (Lei Geral de Proteção de Dados). This privacy policy explains how IronGuard handles your data—or more accurately, how it doesn't.

2. Core Privacy Principles

2.1 100% Local Processing

All threat detection and analysis performed by IronGuard happens entirely on your device. No data is transmitted to external servers for processing.

2.2 No Data Collection

IronGuard does not collect, transmit, or store any personal information, browsing history, or user data. All processing is local and ephemeral.

2.3 No Servers Required

IronGuard operates without backend servers. There is no infrastructure that could collect or store your data because none exists.

2.4 No User Accounts

IronGuard does not require user accounts, authentication, or registration. There is no user database because there are no users to track.

3. What Data Is Stored Locally

IronGuard stores the following data locally on your device using Chrome's local storage:

• Protection Settings: Your protection preferences (enabled/disabled, protection mode)
• Whitelist: Domains you've explicitly whitelisted
• Statistics: Local counts of blocks, warnings, and allowed requests (no URLs or personal data)
• History: Recent threat detections (stored locally, not transmitted)
• Notification Preferences: Whether you've enabled desktop notifications

All of this data remains on your device and is never transmitted externally.

4. Optional Threat Feed (Opt-In)

IronGuard includes an optional threat intelligence feed feature. This feature is disabled by default and requires explicit user opt-in.

If enabled:

• Threat feed data is fetched from external sources (configured by user)
• Feed data is cached locally on your device
• No personal information is transmitted when fetching feeds
• You can disable this feature at any time

If disabled (default), no external network requests are made for threat intelligence.

5. Permissions Explained

IronGuard requests the following browser permissions:

• webRequest: Required to intercept and analyze network requests
• webRequestBlocking: Required to block malicious requests
• storage: Required to store settings locally on your device
• tabs: Required to display threat information in browser tabs
• notifications: Required to show desktop alerts when threats are blocked
• <all_urls>: Required to protect all websites you visit

These permissions are used exclusively for threat protection and local storage. No data collected through these permissions is transmitted externally.

6. Third-Party Services

IronGuard does not integrate with third-party analytics, advertising, or tracking services. There are no third-party cookies, tracking pixels, or external scripts.

7. Data Sharing

IronGuard does not share, sell, or transmit any data to third parties because there is no data to share. All processing and storage is local to your device.

8. Data Security

Since all data is stored locally on your device, data security is managed by your browser's built-in security mechanisms. IronGuard does not maintain any external infrastructure that could be compromised.

9. Children's Privacy

IronGuard does not knowingly collect information from children. Since IronGuard doesn't collect any information from anyone, this is not applicable.

12. Your Rights (GDPR, CCPA, LGPD)

Under GDPR (EU), CCPA (California), and LGPD (Brazil), you have the following rights:

• Right to Access: Since we collect zero data, there is no data to access. All processing happens locally on your device.
• Right to Deletion: No data is stored, so there is nothing to delete. Uninstalling the extension removes all local data.
• Right to Data Portability: Not applicable as no data is collected or stored.
• Right to Object: You can uninstall the extension at any time to stop all processing.
• Right to Rectification: Not applicable as no personal data is collected.
• Right to Restrict Processing: Uninstall the extension to stop all processing.
• CCPA Right to Know: We do not sell, share, or collect personal information.
• CCPA Right to Delete: No data is collected, so there is nothing to delete.
• CCPA Right to Opt-Out: No data collection means no opt-out needed.
• LGPD Rights: All LGPD rights are respected through our zero-data-collection architecture.

How to Exercise Your Rights: Simply uninstall the extension. All local data will be removed immediately.

13. International Data Transfers

GDPR Compliance: Since IronGuard operates with 100% local processing and zero data collection, no personal data is transferred across borders. All processing occurs on your local device, ensuring compliance with GDPR Article 44-49 (Transfers of personal data to third countries).

No Data Transfers: We do not transfer, store, or process data on any servers, eliminating the need for Standard Contractual Clauses (SCCs) or other transfer mechanisms.

14. Cookie Policy

Essential Cookies Only: IronGuard.ai uses only essential cookies for site functionality. We do NOT use:

• Tracking cookies
• Analytics cookies
• Advertising cookies
• Third-party cookies
• Social media cookies

Cookie Consent: In compliance with GDPR Article 7 and ePrivacy Directive, we request your consent before setting any cookies. You can accept or decline cookies through our cookie consent banner.

15. Data Protection Officer (DPO)

Under GDPR Article 37, organizations processing personal data may require a DPO. Since IronGuard collects zero personal data, a DPO is not required. However, for privacy inquiries, please contact us through our contact page.

16. Supervisory Authority

GDPR: EU residents have the right to lodge a complaint with their local supervisory authority. However, since we collect no data, there is no data processing to complain about.

CCPA: California residents can contact the California Attorney General's office for CCPA-related inquiries.

LGPD: Brazilian residents can contact the Autoridade Nacional de Proteção de Dados (ANPD) for LGPD-related inquiries.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in regulations or our practices. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Continued use of IronGuard after changes constitutes acceptance of the updated policy.

18. Contact Us

For privacy-related questions, GDPR inquiries, CCPA requests, or LGPD concerns, please contact us through our contact page.

Privacy Email: For urgent privacy matters, please use our contact form and select "Privacy Inquiry" as the subject.