← Back to home
Privacy Policy
Sam Soft Privacy Shield · Last updated: 2026
Sam Soft Privacy Shield is built so we never have to be trusted with your data — most of it never leaves your device. This policy explains exactly what is stored, what is transmitted, and what we never collect.
Data stored locally on your device
The following is kept in your browser's local storage and never sent to us:
- Password vault entries (encrypted with AES-256-GCM; PBKDF2, 600,000 iterations, random salt)
- Extension settings and the trusted-sites whitelist
- Activity and tracker-block logs
- License/activation status
Data that leaves your device — only when you use a feature
- Email breach checks: your email address is sent to the HaveIBeenPwned API to check for known breaches.
- Password breach checks: performed using k-anonymity — only a partial, irreversible hash prefix is sent, so your actual passwords never leave your device.
- License activation & payment: processed through Karl POS using an anonymous session identifier. No name or email is required to activate.
- Uninstall feedback (optional): if you choose to fill in the uninstall form, your selected reasons and any comment are sent so we can improve the product.
What we never collect
We do not collect analytics, usage tracking, or browsing history. The extension does not phone home and does not sell or share personal data with third parties.
Permissions
The extension requests broad host access so it can block trackers and apply fingerprint protection on the sites you visit. This access is used only for the privacy features described above and never to record or transmit your browsing.
Contact
Questions, support, or data requests: