Privacy policy — Prototype Feedback
Prototype Feedback is a browser extension that lets a reviewer pin comments to elements (or regions) on a webpage and export the captured feedback as a ZIP archive (for AI coding assistants) or a single-file HTML report (for sharing with stakeholders).
What the extension collects
When the reviewer takes an action (clicks an element, drags a region, or saves a comment), the extension stores the following on the reviewer's local machine only, inside the browser's extension storage:
- The reviewer-typed comment text.
- A cropped PNG screenshot of the targeted element or region.
- A viewport-context PNG screenshot (downscaled) showing the element in page context.
- A CSS selector for the targeted element (if applicable).
- The bounding-box coordinates of the target in CSS pixels.
- The page URL, page title, and viewport dimensions of the visited page.
- The reviewer's chosen display name, optional email, and project label.
- Any reference attachments the reviewer drops in: image/file bytes (encoded as base64) and pasted reference URLs.
- For element-targeted comments, a snapshot of the targeted element: its HTML and visible text (truncated, and run through a built-in redaction pass that strips password/email/token fields and credit-card / SSN / email patterns before storage), a small set of computed CSS styles, the element's state (e.g. disabled, checked, ARIA attributes), and its ancestor tag chain. This lets an AI coding assistant locate and edit the right element.
- The reviewed page's build version, when the site exposes one: a commit hash or build id read from a `<meta>` tag or the page's `__NEXT_DATA__` script, or a branch name parsed from a Vercel/Netlify preview URL. This lets an AI coding assistant check out the exact deployed build before editing. It is build metadata, not personal data, and is recorded only when such a marker is present on the page.
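The redaction pass described for the element snapshot above, as an added illustration that is not the extension's own code: it blanks the values of password, email and token-like form fields in the captured HTML, and redacts email addresses, US SSN-shaped numbers and Luhn-valid card numbers from the visible text. The regular expressions, the Luhn filter and the function names are assumptions about how such a pass can be built, not the extension's published rules.

```javascript
// Added example, not the extension's own code. Patterns and the Luhn check
// are assumed; the page states only which categories are redacted.

// Luhn checksum: lets the card pattern skip order numbers and other long ids.
function luhnValid(digits) {
  let sum = 0;
  let double = false;
  for (let i = digits.length - 1; i >= 0; i--) {
    let d = Number(digits[i]);
    if (double) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
    double = !double;
  }
  return sum % 10 === 0;
}

const EMAIL_RE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g;
const SSN_RE = /\b\d{3}-\d{2}-\d{4}\b/g;
// 13 to 19 digits, optionally separated by single spaces or dashes.
const CARD_RE = /\b(?:\d[ -]?){12,18}\d\b/g;

// Redact personal-data patterns from the element's visible text.
function redactText(text) {
  return text
    .replace(EMAIL_RE, "[email redacted]")
    .replace(SSN_RE, "[ssn redacted]")
    .replace(CARD_RE, (m) => {
      const digits = m.replace(/[ -]/g, "");
      // Only redact digit runs that pass Luhn, so non-card ids survive.
      return luhnValid(digits) ? "[card redacted]" : m;
    });
}

// Blank the value attribute of credential-bearing inputs in the serialized
// HTML snapshot. A DOM-based pass in the content script would be more robust
// than regex over markup; this keeps the example self-contained.
function stripSensitiveFieldValues(html) {
  return html.replace(/<input\b[^>]*>/gi, (tag) => {
    const sensitive =
      /\btype\s*=\s*["']?(password|email)\b/i.test(tag) ||
      /\b(?:name|id)\s*=\s*["'][^"']*token[^"']*["']/i.test(tag);
    return sensitive
      ? tag.replace(/\bvalue\s*=\s*("[^"]*"|'[^']*'|[^\s>]+)/i, 'value=""')
      : tag;
  });
}

// Apply both passes to a captured element snapshot {html, text}.
function redactSnapshot(snapshot) {
  return {
    html: stripSensitiveFieldValues(snapshot.html),
    text: redactText(snapshot.text),
  };
}
```

Run the pass before the snapshot is written to storage, not at export time, so unredacted values never sit in `chrome.storage.local`.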
Optional capture (off by default)
The following are opt-in per feedback session and are not captured unless the reviewer turns them on using the toggles in the popover. Like everything else, they stay in browser memory and never leave the machine without an explicit Export or Upload:
- Console output — errors and warnings (and uncaught exceptions / unhandled promise rejections) that occur during the active session, with timestamps.
- Network failures — captured by an in-page shim that wraps `fetch`/`XMLHttpRequest` during the active session. Only the request URL (with sensitive query parameters such as tokens, keys, session ids, and passwords stripped), the HTTP status, and the method are recorded. Request and response bodies are never captured, and the capture is capped to the most recent entries.
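The URL stripping and entry cap described for the network-failure capture, as an added example that is not the extension's own shim: `sanitizeUrl` removes sensitive query parameters, embedded credentials and the fragment before a URL is recorded, and `recordNetworkFailure` keeps only URL, method and status, bounded to the most recent entries. The parameter denylist, the name heuristic and the cap size are assumptions; the page does not publish the extension's list.

```javascript
// Added example, not the extension's own code. The denylist below is an
// assumption about which parameter names count as sensitive.
const SENSITIVE_PARAMS = new Set([
  "token", "access_token", "id_token", "refresh_token",
  "key", "api_key", "apikey",
  "session", "session_id", "sessionid", "sid",
  "password", "passwd", "pwd",
]);

function isSensitiveParam(name) {
  const n = name.toLowerCase();
  if (SENSITIVE_PARAMS.has(n)) return true;
  // Assumed heuristic for variants such as "auth_token" or "x-api-key".
  return /(token|secret|password|api[_-]?key|session)/i.test(n);
}

// Return a copy of the URL safe to store: sensitive query params removed,
// userinfo credentials dropped, fragment dropped (OAuth implicit-flow
// responses place access tokens in the fragment).
function sanitizeUrl(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    // Relative or malformed URL: record a marker rather than guess.
    return "[unparseable url]";
  }
  url.username = "";
  url.password = "";
  for (const name of [...url.searchParams.keys()]) {
    if (isSensitiveParam(name)) url.searchParams.delete(name);
  }
  url.hash = "";
  return url.toString();
}

// Append one failure record, keeping only the fields the policy allows and
// trimming the buffer to the most recent `cap` entries (cap size assumed).
function recordNetworkFailure(entries, { url, method, status }, cap = 50) {
  entries.push({ url: sanitizeUrl(url), method, status, at: Date.now() });
  if (entries.length > cap) entries.splice(0, entries.length - cap);
  return entries;
}
```

Sanitize at capture time inside the shim, so the raw URL never reaches the in-memory buffer; bodies and headers are simply never read by the shim, so there is nothing to redact there.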
What the extension does NOT collect
- No telemetry, analytics, or crash reporting.
- No data is sent to the extension author or any server controlled by the extension author.
- No data is sent automatically anywhere. The reviewer must explicitly click an export or upload button to move data off their machine.
- No browsing history, cookies, or page contents beyond: the screenshots and element snapshot of the area the reviewer chose to capture (with form-field values redacted), a build-version marker if the page exposes one, and any console/network capture the reviewer explicitly opted into for that session.
Permissions and why they are required
| Permission | Why |
|---|---|
| storage | Save captured comments locally between page loads and browser sessions. |
| unlimitedStorage | Sessions with many screenshots can exceed the default 5 MB storage cap. This permission lifts the limit so data is not lost mid-session. All data remains local. |
| activeTab | Temporary access to the tab the reviewer is currently viewing — granted only when they click the extension icon. Used to read the page URL and inject the in-page toolbar. Revoked when the tab navigates. |
| scripting | Inject the toolbar / content script into the active tab when the reviewer clicks "Start feedback session". When the reviewer opts in, it also injects small shims that wrap console.error/console.warn and fetch/XMLHttpRequest to include runtime errors and network failures in exports. These shims run only on the active tab and only after the reviewer enables the corresponding capture toggle. |
| downloads | Write the exported file (ZIP or HTML) to the reviewer's Downloads folder when they click Export. |
| identity | Authenticate the reviewer with their Google account when they choose to upload an export to Google Drive. The OAuth flow is interactive (requires explicit user consent), scoped to drive.file (can only access files the extension itself created), and entirely opt-in — reviewers who do not click "Upload to Drive" never trigger this flow. No tokens are stored by the extension; Chrome manages the token lifecycle. |
The extension does not request the broad `<all_urls>` host permission and does not request the `tabs` permission. Access to a page is scoped to the single tab the reviewer explicitly activates.
Where data goes
- Stored: in `chrome.storage.local`, scoped to this extension on the reviewer's machine. Organized into independent sessions.
- Exported: only when the reviewer clicks Export, into a ZIP archive or HTML file the reviewer chooses to save and share manually.
- Google Drive (opt-in): when the reviewer clicks "Upload to Drive", the exported ZIP is uploaded to a Google Drive folder the reviewer configured. This is the only case where data leaves the reviewer's machine via the extension. The upload goes directly from the extension to the Google Drive API — no intermediary servers are involved, and the extension author has no access to the uploaded file. The reviewer can revoke access at any time at myaccount.google.com/permissions.
- Deleted: when the reviewer clicks "Clear session" or deletes a session in the popup, when the extension is uninstalled, or when the reviewer clears their browser data for this extension.
Children
This extension is not directed at children under 13 and the author does not knowingly collect any data from such users.
Contact
For questions about this policy, reach the developer at the email listed on the Chrome Web Store listing.