Data Privacy
Crosscheck's Chrome extension collects developer context alongside your captures to make bug reports actionable. This page explains exactly what data is collected, what is not collected, and how that data is handled.
What the Extension Collects
| Data Type | Description | When Collected |
|---|---|---|
| Console Logs | Messages logged to the browser console (log, warn, error, info) | Continuously while extension is active on the page |
| Network Requests | URLs, HTTP methods, status codes, timing, and response sizes of network requests | Continuously while extension is active on the page |
| DOM Snapshots | Serialized DOM mutations recorded by session recording technology for instant replay | On enabled websites only, for the replay buffer (last 1 to 5 minutes, configurable) |
| Screenshots | Pixel capture of the visible viewport or the full page | On user action (click capture button) |
| Screen Recordings | Video of the browser tab or desktop using the browser's built-in recording capabilities | On user action (start/stop recording) |
| User Action Timeline | Clicks, keypresses, and navigation events with timestamps | Continuously while extension is active on the page |
| Page Metadata | Page URL, title, viewport dimensions, browser info | At the time of capture |
What the Extension Does Not Collect
Crosscheck is designed to avoid capturing sensitive user data:
- Passwords: The extension does not intercept or capture password field values.
- Form data content: The content of form inputs (text fields, dropdowns, etc.) is not captured or transmitted.
- Cookies: Browser cookies are never read, logged, or included in captures.
- Local storage or session storage: The extension does not access or export the page's storage APIs.
- Authentication tokens from the page: Tokens used by the application under test are not extracted from headers or storage.
Data Stays Local Until Shared
All collected data remains in your browser's local memory until you explicitly create a capture and upload it. Browsing with the extension active does not automatically send any data to Crosscheck's servers.
The data flow is:
- Extension collects DevTools data in local browser memory.
- You click the capture button to create a screenshot, recording, or replay.
- Only then is the data saved to your Crosscheck workspace.
- If you close the tab or navigate away without capturing, the data is discarded.
Instant Replay Buffer
The instant replay feature uses session recording technology to continuously record DOM mutations in memory. This buffer stores approximately the last 120 seconds of page activity. The buffer is automatically recycled. If you do not capture a replay, the buffered data is discarded automatically.