Privacy policy.

Over Your Shoulder ("OYS", "we", "our") is a free Chrome browser extension operated by My Insights, a company based in Switzerland. This privacy policy explains what data the extension collects, how it is stored, and how it is used. It also covers the website overyourshoulder.ch.

This policy applies to:

• The Over Your Shoulder Chrome extension, available on the Chrome Web Store.
• The website overyourshoulder.ch, including all subpages.

It does not apply to any third-party website, service, or AI platform that the user may access while the extension is installed.

The extension observes outbound network requests made by the user's browser to a predefined list of AI service hostnames. For each observed request, the extension records the following five fields of metadata:

• Timestamp of the request (device-local time).
• Destination hostname (e.g., api.openai.com).
• Destination path, truncated to 50 characters.
• Browser tab identifier (an internal numeric ID assigned by Chrome).
• Source site (the URL of the page that initiated the request, when available).

The extension does not collect, record, transmit, or access any of the following:

• Request bodies, including the text of prompts or queries sent to AI services.
• Response bodies, including the text of responses from AI services.
• Authorization headers, bearer tokens, API keys, or credentials.
• Cookies, session identifiers, or authentication data.
• File attachments, uploaded images, or other binary content.
• Full URLs with query parameters.
• IP addresses of the user or the destination server.
• Information from websites other than those on the AI service hostname list.

All data collected by the extension is stored exclusively in the browser's local storage area (chrome.storage.local) on the user's device. Data is not transmitted to any external server, cloud storage, or third party. The extension does not connect to any remote endpoint for any purpose.

Data is automatically rotated: entries older than 30 days are removed on a daily basis. The user may delete all stored data at any time by using the "Reset all data" function in the extension's settings, or by uninstalling the extension.

The collected metadata is used solely to compute and display exposure metrics to the user, within the extension itself. These metrics include aggregate request counts, vendor distributions, geographic distribution of destinations, and a composite exposure score. No other use is made of the data.

No data collected by the extension is shared with, sold to, or made available to any third party, under any circumstances. The extension has no analytics, no telemetry, no crash reporting, and no external logging.

Data collected by the extension is not used for training machine learning models, developing new products, or any purpose beyond the immediate display of metrics to the user. It is not accessible to the developers of OYS or to My Insights.

Because all data remains on the user's device and is never transmitted, the user retains full and exclusive control over it at all times. Specifically, the user may:

• View the data via the extension's own interface.
• Delete all data by using the "Reset all data" function in settings.
• Uninstall the extension, which removes all associated data immediately.

We cannot access, export, or delete user data on request, because we do not receive or hold it.

The website does not use cookies, does not run analytics, and does not embed third-party trackers. The website may include an optional email capture form for users who wish to be notified of future products (specifically, Symbiont). Emails submitted via this form are processed by Formspree (an external form handler) and stored by us for the sole purpose of sending a one-time notification when the product launches. No further marketing communications are sent.

Formspree's own privacy policy applies to the transmission of these emails and is available at formspree.io.

The extension is not directed at children under 13. We do not knowingly collect data from children.

This privacy policy may be updated from time to time. The date of the most recent revision is indicated at the top of this page. Material changes will be reflected in the extension's release notes.

For any question regarding this privacy policy or the extension, contact:

contact@overyourshoulder.ch

My Insights
Switzerland