Privacy Policy
cloak explains what information the website, checkout, support flow, and extension collect, how it is used, when it may be disclosed, and the safeguards in place.
What this page covers
This Privacy Policy covers the cloak website, support and feedback forms, the checkout flow, paid subscriptions, activation-code delivery, and the current cloak browser extension build.
cloak is an early product. As the extension, billing, and support systems change, this page will be updated so users can understand what information is collected, how it is used, who it may be shared with, and how it is protected.
Information we collect
Website and support forms may collect information you choose to submit, including your email address, role or use case, optional page or store URLs, purchase/support context, feedback notes, bug reports, and other details you include so we can respond or improve cloak.
When you buy a cloak subscription, Stripe collects and processes checkout and billing information such as name, email, payment method details, billing address, tax information where required, transaction identifiers, subscription status, refund or dispute status, and fraud-prevention signals. cloak receives limited Stripe records needed to confirm payment, manage the subscription, issue activation codes, provide support, handle refunds, and keep business records.
The website may also receive ordinary technical information such as IP address, device/browser type, referring pages, timestamps, form-submission metadata, server logs, and security or reliability events.
The current extension processes browser data needed for its user-facing protection features. That can include page URLs, page titles, page timing/session context, page text and links needed to detect pressure or tracking patterns, form targets and related page content needed to scrub tracking-heavy destinations, readable cookie/storage state the extension can access from the page, and local proof or setting state stored in the browser.
How we use information
cloak uses information to provide and improve the product: creating checkout sessions, confirming paid access, sending activation and support messages, responding to requests, debugging broken pages, improving reliability, preventing abuse, keeping required business records, and understanding which protection features are useful.
Extension data is used for cloak's single purpose: helping protect people from tracking, profiling, deceptive pressure, and price discrimination while browsing online. In the current build, that means blocking known tracking requests, cleaning tracking-heavy URLs, reducing some fingerprinting signals, clearing readable tracking state the extension can access, and showing local warning UI when relevant patterns appear.
cloak does not sell personal data, use extension-processed browser data for advertising, or use or transfer it for creditworthiness, lending, insurance, housing, employment, or similar eligibility decisions.
How information may be disclosed
cloak may disclose limited information to service providers that help operate the site, extension, checkout, subscription management, customer support, email delivery, analytics/reliability, security, hosting, business operations, and legal compliance. These providers are expected to use the information only to provide their services to cloak.
Stripe processes payment and billing information as cloak's payment processor. Depending on the transaction, Stripe may share information with banks, card networks, payment-method providers, fraud-prevention partners, tax tools, and other parties needed to complete payment, comply with law, or manage disputes.
cloak may disclose information if required by law, legal process, tax/accounting rules, security investigations, abuse prevention, merger/acquisition diligence, or to protect the rights, safety, and property of cloak, users, or others.
How disclosure happens
Disclosures happen through ordinary business systems such as secure hosted services, payment processor dashboards and APIs, server logs, email systems, support records, spreadsheets or databases used for customer operations, and legally required filings or responses.
We do not publish user support messages, checkout details, or extension-processed browsing content as testimonials or marketing proof without permission.
Security practices
cloak uses reasonable administrative, technical, and organizational safeguards for an early-stage product, including HTTPS on the public site, least-necessary access to operational records, provider-managed payment security through Stripe, secret-based webhook verification, limited internal access, and separation of payment details from extension-local protection behavior.
No internet service can guarantee perfect security. Users should avoid sending unnecessary sensitive information through support forms and should contact us if they believe their information was submitted by mistake or exposed unexpectedly.
Retention and control
Website submissions, support notes, payment records, activation records, and operational logs may be retained for support, security, tax/accounting, legal compliance, refund/dispute handling, product improvement, and record-keeping. We try not to keep information longer than reasonably needed for those purposes.
Extension settings and local proof state stay in the user's browser storage until the user clears them, resets them, or removes the extension. Because some protection logic acts on live pages, users should review the extension's current behavior and settings before using it on sites that matter to them.
If you want us to update or delete information you submitted through the site, contact cloak support at ray@cloak.build. We may need to keep some records when required for payments, accounting, fraud prevention, legal compliance, or security.
Chrome Web Store disclosure
cloak requests only the permissions needed for its current user-facing privacy features. The use of browser data by the current extension build is limited to providing or improving those disclosed protection features, consistent with the Chrome Web Store User Data Policy.
The packaged extension does not use remotely hosted extension code. We do not let humans read extension-processed browser data unless a user explicitly asks for support on specific material, or access is necessary for security or legal reasons.
Children
cloak is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child submitted information to cloak, contact us so we can review and delete it where appropriate.
Changes
We may update this Privacy Policy as the site, extension, billing flow, or legal requirements change. If we make material changes, we will update the date at the top of this page and publish the revised version here.