Privacy Policy - Lw Multi-Tools Chrome Extension

🛡️ Introduction

Lw Multi-Tools is a Chrome extension designed for network analysis and web security testing. This privacy policy explains how the extension handles user data and what information is collected, processed, and stored during its operation.

✓ Privacy First: We are committed to protecting your privacy. This extension does not collect, store, or share any personal data with third parties. All operations are performed locally or through secure API calls.

Single Purpose: This extension's sole purpose is to provide web developers and system administrators with network analysis and security testing tools, including DNS queries, WHOIS lookups, IP/ASN information, HTTP status checks, security header analysis, and data leak detection.

📊 Data Collection & Usage

What Data We Access

Permission	Purpose	Data Collected
activeTab	Access current tab's URL and domain information	Current page URL (temporary, not stored)
tabs	Read basic tab information for auto-filling forms	Tab URL and title (temporary, not stored)
storage	Save user preferences locally	Extension settings (stored locally only)
declarativeNetRequest	Apply privacy protection rules	No data collected (rules are static)
host_permissions	Connect to API services for analysis	User-entered domains/IPs (sent to APIs only)

What Data We DO NOT Collect

❌ No Personal Data: We do not collect names, email addresses, phone numbers, or any personally identifiable information (PII).

❌ No Browsing History: We do not track or store your browsing history or visited websites.

❌ No Cookies Storage: We do not access or store browser cookies (Cookie Manager feature was removed).

❌ No Analytics: We do not use Google Analytics or any third-party tracking services.

❌ No Form Data: We do not capture or store form inputs, passwords, or credit card information.

🔧 How We Use Your Data

Local Processing

All user settings and preferences are stored locally in your browser using Chrome's storage.local API. This data never leaves your device and is only used to remember your preferences between sessions.

API Requests

When you use the extension's tools (e.g., WHOIS lookup, IP info, HTTP check), the extension sends requests to external API services. These requests contain only the domain name or IP address you explicitly enter or select.

API Services Used:

api.layerweb.com.tr - Leak checker, port checker, safe browsing
check-host.net - HTTP availability checking
dns.google - DNS resolution
ipinfo.io - IP geolocation and ASN information
api.bgpview.io - BGP and ASN data
rdap.org - WHOIS/RDAP domain information
whois.freeaiapi.xyz - Alternative WHOIS data
stat.ripe.net - Network statistics and peering data
crt.sh - SSL certificate transparency logs
openpagerank.com - SEO metrics
api.ipify.org - Public IP detection
api.redirect-checker.net - URL redirect analysis
am.i.mullvad.net - VPN/Proxy detection

Note: Each API has its own privacy policy. We recommend reviewing them if you have concerns about how they handle the domain/IP data you submit.

No Remote Code Execution

This extension does not load or execute remote code. All JavaScript code is bundled within the extension package and reviewed by Chrome Web Store before publication.

👤 Your Rights & Control

You Have Full Control

Disable Features: You can disable any feature (e.g., auto HTTP check, background monitoring) in the Settings screen.
Clear Data: You can clear all locally stored settings at any time by uninstalling and reinstalling the extension.
Uninstall Anytime: You can remove the extension at any time, which will delete all local data.
Revoke Permissions: You can revoke extension permissions through Chrome's extension settings.

Data Retention

Local Storage: Settings are stored indefinitely until you clear them or uninstall the extension.

API Requests: The extension does not retain any logs of API requests. Request data is discarded immediately after displaying results to you.

⚖️ GDPR & KVKK Compliance

✓ GDPR Compliant: This extension complies with the General Data Protection Regulation (GDPR) as it does not process personal data without user consent.

✓ KVKK Compliant: This extension complies with Turkey's Personal Data Protection Law (KVKK - Kişisel Verilerin Korunması Kanunu).

Legal Basis for Processing

User Consent: By installing and using this extension, you consent to the processing described in this policy.
Legitimate Interest: Processing is necessary to provide the network analysis and security testing services you requested.

Data Protection Principles

Lawfulness, Fairness, and Transparency: We clearly explain what data is processed and why.
Purpose Limitation: Data is only used for the specific purpose of network analysis.
Data Minimization: We only process the minimum data necessary (domain/IP addresses you enter).
Accuracy: We do not store data long-term, so accuracy concerns are minimal.
Storage Limitation: Data is not stored beyond the immediate session.
Integrity and Confidentiality: All API requests are made over HTTPS (encrypted connections).

🔒 Security Measures

We take security seriously and implement the following measures:

HTTPS Only: All API requests are made over secure HTTPS connections.
Content Security Policy (CSP): Strict CSP rules prevent XSS attacks and unauthorized code execution.
Input Sanitization: All user inputs are validated and sanitized before processing.
No Third-Party Scripts: We do not load any third-party JavaScript libraries from CDNs.
Minimal Permissions: We request only the permissions necessary for core functionality.
Code Review: All code is reviewed by Chrome Web Store before publication.

📝 Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons.

Notification: When we make changes, we will update the "Last Updated" date at the top of this page. For significant changes, we may notify users through the extension's update notes or Chrome Web Store listing.

Your Continued Use: By continuing to use the extension after changes are posted, you accept the updated privacy policy.

📧 Contact Us

If you have any questions, concerns, or requests regarding this privacy policy or how we handle your data, please contact us:

Developer: Layerweb

Website: https://layerweb.com.tr

Support: For technical support or privacy inquiries, please visit our website or contact us through Chrome Web Store.

Data Subject Rights

Under GDPR and KVKK, you have the right to:

Access your personal data (though we store none)
Rectify inaccurate data
Request deletion of your data
Object to data processing
Data portability
Withdraw consent at any time

To exercise these rights, simply uninstall the extension or disable specific features in Settings.

⚠️ Disclaimer

Educational & Professional Use Only: This extension is designed for network administrators, web developers, and security professionals for legitimate testing and analysis purposes.

No Warranty: The extension is provided "as is" without warranty of any kind. We are not responsible for any damages or data loss resulting from the use of this extension.

Third-Party APIs: The accuracy and availability of results depend on third-party API services. We are not responsible for the accuracy, reliability, or privacy practices of these external services.

Legal Compliance: Users are responsible for ensuring their use of this extension complies with applicable laws and regulations in their jurisdiction.