Privacy Policy

Last Updated: March 18, 2026

                    ✅
                    Short version: Web Authority performs all page inspection locally in your browser. We do not collect your browsing data, page content, or any personal information. The only external connection the extension makes is to Freemius, a licensing platform we use for paid plan management — explained in full below.
                

Loopstates ("we", "us", "our") built Web Authority as a browser extension for SEO professionals, developers, and marketers. This policy explains exactly what data the extension accesses, what it sends externally (if anything), and why each browser permission is required.

🗂️ What Data We Collect

We do not collect, store, or transmit any page content, URLs, or browsing history. All SEO analysis (metadata, links, images, headings, schema, Core Web Vitals, etc.) is performed locally inside your browser. The results are displayed only to you and are never sent to Loopstates or any third party.

The only user data that may be processed externally is related to licensing, detailed in the Third-Party Services section below.

🔑 Permissions — What We Use & Why

The following permissions are declared in the extension's manifest. Each is required for a specific feature:

"activeTab" Grants access to the tab you are currently viewing, but only when you click the extension icon. Used to read the active page's HTML, links, images, and metadata for on-demand analysis. Access ends the moment you close the popup. We never access background tabs. Applies identically on Chrome and Firefox.
"scripting" Allows the extension to inject a local analysis script into the active page. This script reads the page's DOM to extract SEO signals (headings, canonical tags, schema markup, etc.) and passes results back to the popup. Nothing is sent externally.
"webRequest" Used to read HTTP response headers of the active page (e.g., status codes, redirect chains, security headers like HSTS, Content-Security-Policy, X-Frame-Options). This is read-only — no requests are modified or intercepted.
"storage" Saves your extension preferences and settings (e.g., UI theme, panel state) locally on your device using the browser's built-in storage API. This data never leaves your machine.
"alarms" Used internally by the extension runtime to schedule deferred background tasks (e.g., cache clearing, license status refresh). Not used to trigger notifications or interact with the page. On Chrome, the background process runs as a Service Worker; on Firefox, it runs as a persistent background script. Both behave identically from a privacy standpoint.
Host permissions: "http://*/*" and "https://*/*" Required so the content script can run on any domain you choose to inspect. Without broad host permissions, the analysis script could not execute on arbitrary websites. This permission is not used to track your browsing or access sites you haven't explicitly opened the extension on.
Host permission: "https://api.freemius.com/*" Required exclusively to communicate with the Freemius licensing API for paid plan verification. See the Third-Party Services section for full details on what Freemius receives.

🔌 Third-Party Services

Freemius (Licensing Platform)
Web Authority uses Freemius as its licensing and subscription management platform for paid plan features. When you activate or verify a license key, the extension communicates with api.freemius.com. Freemius may receive your license key, email address (if provided during purchase), and basic device fingerprint information to validate your entitlement. This communication is encrypted over HTTPS. Freemius has its own privacy policy, available at freemius.com/privacy. The free tier of Web Authority does not initiate any Freemius API calls.

Beyond Freemius, the extension may fetch publicly accessible files on the site you are inspecting — for example, robots.txt, sitemap.xml, or llms.txt — as part of specific audit checks. These are standard HTTP requests to the same domain you are already visiting and do not include any personal information.

We do not use Google Analytics, Facebook Pixel, Sentry, Amplitude, or any other analytics, error tracking, or advertising SDK.

💾 Data Retention & Storage

All data stored by the extension (your preferences and settings) lives in your browser's local extension storage on your own device. You can delete this data at any time by uninstalling the extension or clearing extension data via your browser's settings. We have no copy of it.

Audit results are ephemeral — they are computed on demand each time you open the popup and are not persisted anywhere.

👤 Children's Privacy

Web Authority is a professional tool not directed at children under the age of 13. We do not knowingly collect any personal information from children. If you believe a child has used this service, please contact us immediately.

🔄 Changes to This Policy

We may update this Privacy Policy when the extension's features or third-party integrations change. Significant updates will be noted by revising the "Last Updated" date at the top of this page. Continued use of Web Authority after changes are published constitutes acceptance of the updated policy.

🤝 Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us at [email protected].