Data collection
OroQ does not collect, transmit, or sell personal data. The extension never sends browsing history, URLs, or page content to external services. Network access is limited to the active tab and Declarative Net Request (DNR) rules required for SafeSearch and ad blocking.
Data stored locally
- chrome.storage.sync
enabled– on/off state of core protectionallowlist– hostnames trusted by the user/administratoraggressive– visual blurring togglesensitivity– heuristic threshold slider valueonboardingComplete– whether the first-run tour has been viewed
- chrome.storage.local
userBlocklist– administrator-imported domains to block
No user identity, account, or credential data is stored.
Content scanning
Heuristic text and DOM analysis runs inside the browser process. Images/videos remain on device; OroQ does not upload pixels for remote classification. Blocked pages show an interstitial with a temporary override scoped to the current host and tab (session-only).
Permissions rationale
storage– save user and administrator preferences.declarativeNetRequest– enforce SafeSearch, allowlists, and blocklists without inspecting full request bodies.tabs– read the active tab’s hostname to power the “Allow this site” toggle in the popup. The hostname is never persisted after the popup closes.
No background network calls or remote configuration fetches are performed.
Opt-out and removal
Users can pause protection from the popup or remove the extension entirely from Chrome at any time. Uninstalling the extension deletes all local data.
Contact
Questions or data requests? Open a GitHub Discussion or email the maintainer listed in Support. Security vulnerabilities should follow the responsible disclosure path outlined in SECURITY.md.