Privacy Policy – AIScamHunter | Local‑First, Zero Data Collection
AIScamHunter Icon AIScamHunter Icon

Privacy Policy

Your privacy is our foundation. AIScamHunter operates with a local‑first architecture – no personal data is ever collected or shared. This policy explains exactly what happens behind the scenes.

Local‑First
Zero Data Collection
GDPR / CCPA Compliant
Optional Telemetry

📋 Table of Contents

1. Overview & Philosophy
2. Local‑First Architecture
3. What We DO NOT Collect
4. Data Processed Locally
5. Browser Permissions
6. Third‑Party Services
7. Optional Telemetry
8. Data Storage & Retention
9. Premium Activation
10. Your Rights
11. Children's Privacy
12. Security Measures
13. Cookies & Tracking
14. Policy Updates
15. Contact & DPO

01 Overview & Our Privacy Philosophy

AIScamHunter is a next‑gen browser extension that provides comprehensive security against phishing, crypto scams, trackers, and malicious downloads – while processing everything locally on your device. Unlike traditional security tools that upload your browsing data to the cloud, our extension keeps all analysis inside your browser.

We built AIScamHunter on a single principle: security must never compromise privacy. Every feature – from typosquatting detection to crypto drainer blocking – works without collecting any personal information. Our business model does not rely on data monetisation, selling user profiles, or advertising.

If we don't collect it, we can't lose it, leak it, sell it, or be compelled to hand it over. This is privacy by design.

By using the extension, you acknowledge that you have read and understood this policy. If you disagree with any part, please uninstall the extension.

02 Local‑First Architecture

All security checks are performed directly on your device, without any data leaving your browser:

  • On‑Device AI & Heuristics: Typosquatting, DGA detection, homoglyph analysis, and script behaviour monitoring run entirely in the browser sandbox. No data is sent to any external server for classification.
  • Local Rule Engine: Domain reputation, SSL certificate validation, and tracker blocking are handled using locally stored rule sets that update periodically via anonymous HTTPS.
  • No Telemetry by Default: The extension does not send any data to external servers unless you explicitly enable optional anonymous telemetry (see Section 7).
  • Offline Capability: Core protection remains functional even without an internet connection after the initial setup.

03 What We DO NOT Collect

We never collect, access, store, or transmit any of the following:

Browsing history / URLs
Page content or DOM
IP address / geolocation
Device fingerprints
Personal info (name, email)
Login credentials / passwords
Form data / search queries
Cookies from websites
Crypto wallet addresses
Payment / financial data
Keystrokes / mouse movements
Incognito session data

04 Data Processed Locally on Your Device

To provide security features, the extension processes limited information exclusively inside your browser. None of this ever leaves your device:

  • URL Analysis: The current page URL is checked against local pattern‑matching rules and then immediately discarded.
  • Page Metadata: SSL certificate details, domain age, and redirect chains are analysed locally.
  • Script Inspection: Scans for malicious patterns (crypto drainers, obfuscated code) within the sandbox.
  • User Preferences: Settings, allow/block lists, and Safe Mode are saved using chrome.storage.local.
  • Threat History & Tools Data: A local log of blocked threats, batch URL scans, and activity charts. You can erase everything with the Privacy Cleaner.

The Pulizia privacy (Tools Center) removes all locally stored data. Uninstalling the extension also permanently deletes all data.

05 Browser Permissions Explained

Each permission is used exclusively for security functionality:

tabs / activeTab

To analyse the URL and content of the currently active tab for real‑time threat detection.

storage

To save your settings, allow/block lists, threat log, and Tools Center history locally.

webNavigation

To monitor redirect chains and cloaking attempts before a page fully loads.

scripting

To inject minimal security scripts that detect malicious behaviours (e.g., crypto drainer contract calls) within the sandbox.

declarativeNetRequest

To efficiently block malicious domains, trackers, and dangerous downloads at the network level.

clipboardRead (optional)

Only if Clipboard Protection is enabled, to detect cryptocurrency address swapping. Contents are checked locally and never transmitted.

06 Third‑Party Services & Proxied APIs

AIScamHunter does not integrate any analytics, advertising, or tracking SDKs. The following limited interactions occur through our proxy servers to protect your IP:

  • Threat Intelligence Feeds: Queries to Google Safe Browsing, URLhaus, OpenPhish, PhishTank, AbuseIPDB, URLScan, PhishDestroy, and Phishing Army are routed via our proxy. Only domain hashes or anonymised queries are forwarded; your IP is never exposed.
  • Email Reputation (Disify API): The optional email safety check in the Tools Center sends the email address to Disify over HTTPS. No other data is included.
  • Rule Set Updates: Updated threat definitions are downloaded from our secure CDN (Cloudflare). These requests are anonymous and contain no user identifiers.
  • Our Website: The marketing website (aiscamhunter.com) uses Cloudflare and may log standard server data (IP, user agent) for a maximum of 30 days, not linked to extension usage.

07 Optional Anonymous Telemetry

AIScamHunter includes an opt‑in telemetry system (disabled by default). If you enable it, the extension sends only aggregated, non‑personal statistics to help improve detection:

  • Event type (e.g., "phishing_blocked", "drainer_detected")
  • Country code (derived from browser locale, not IP)
  • Risk score category (low/medium/high)
  • Extension version and browser type

No URLs, IP addresses, or personal identifiers are ever transmitted. Telemetry is sent over HTTPS and stored in aggregate. You can disable it at any time in the settings. It is automatically turned off in incognito mode.

08 Data Storage & Retention

All extension data resides exclusively in your browser's local storage (chrome.storage.local, IndexedDB). We operate zero external user databases.

  • User Preferences & Lists: Kept until you clear them or uninstall.
  • Threat History & Tools Logs: Stored locally; can be wiped via Privacy Cleaner.
  • Cached Rule Sets: Updated periodically; old versions automatically replaced.

We have no access to the data stored on your device. You remain in complete control.

09 Premium Activation & Payments

Premium features are activated manually via phone or WhatsApp. No payment information is processed through the extension. Any personal details shared during activation (e.g., phone number) are used solely for verification and stored securely. You may request deletion at any time.

Premium status is verified locally via a cryptographic token – no ongoing server communication is required after activation.

10 Your Rights (GDPR, CCPA, etc.)

Because we do not collect personal data, most data subject rights are inherently satisfied. However, we fully respect:

Right to Access / Right to Know

We hold no personal data. For Premium users, you can request a copy of activation‑related communication.

Right to Erasure (Right to be Forgotten)

Uninstalling the extension removes all local data. You can also request deletion of any Premium records we may hold.

Right to Portability

Your local settings can be exported manually through the extension's interface. No personal data is processed.

Right to Non‑Discrimination

All features remain available regardless of privacy choices.

To exercise these rights, contact us via the information in Section 15. We respond within 30 days.

11 Children's Privacy

AIScamHunter is not directed at children under 16. Since the extension collects no personal data from any user, there is no risk of inadvertent collection from minors. We encourage parents to install the extension on family devices for its strong security protections.

12 Security Measures

  • All external communications use TLS 1.3 (HTTPS).
  • Rule set updates are cryptographically signed to prevent tampering.
  • Our website enforces HSTS and is protected by Cloudflare.
  • Premium activation records are encrypted at rest and accessible only via multi‑factor authentication.
  • The extension's source code is open for community review.

13 Cookies & Tracking

The AIScamHunter extension does not use cookies and does not read or set cookies on websites you visit.

Our marketing website may use a session cookie to remember your theme preference (light/dark). We do not deploy advertising, social media, or analytics cookies.

14 Policy Updates

We may revise this policy occasionally. The "Last Updated" date at the top will reflect changes. For material changes, we will display a notification within the extension. Your continued use of the extension after an update constitutes acceptance of the revised policy.

15 Contact Information & DPO

Email: privacy@aiscamhunter.com

Website: aiscamhunter.com/contac/

Response Time: Within 48 hours

Data Protection Officer (DPO): dpo@aiscamhunter.com

If you are in the EEA or UK, you have the right to lodge a complaint with your local supervisory authority. We encourage you to contact us first so we can address your concerns directly.

Back to AIScamHunter Home