Privacy Policy for Sorolan Holvi

Effective Date: May 2026

1. Introduction

Sorolan Holvi ("the Extension") is a personal, encrypted password manager committed to protecting your privacy. This Privacy Policy explains how the Extension handles your data.

2. Data Collection and Usage

The Extension requires the <all_urls> permission to function properly. This permission is used exclusively to scan the current webpage for login forms (username and password fields) so that the Extension can autofill your credentials when explicitly requested.

• No Tracking: The Extension does not track your browsing history, monitor your behavior, or collect any analytics.
• No External Data Collection: The Extension only reads login fields when you open the popup or command it to autofill.

3. Required Permissions

• <all_urls>: Needed to detect login forms on any website you visit.
• clipboardWrite: Needed to copy your passwords or TOTP codes to your clipboard when you click the "Copy" button.

4. Data Sharing and Third Parties

We do not sell, trade, or rent user data to any third parties. Your encrypted password vault is synchronized directly with your own secure Cloudflare Worker endpoint. The extension does not contain tracking scripts or advertisements.

5. Security

All sensitive data (passwords, card details, TOTP secrets) is encrypted locally on your device using PBKDF2 and AES-GCM encryption before it is ever sent to your personal database. The Extension communicates exclusively via secure HTTPS protocols.

6. Contact

If you have any questions regarding this privacy policy, you can contact us at: contact.make@sorola.fi