Anima Vault Extension Privacy Policy
Last updated: April 15, 2026
1. Overview
Anima Vault is a Chrome browser extension that lets authorized AI agents fill the user's saved credentials and addresses into web forms — only when the user explicitly approves each action through the extension popup.
This Privacy Policy describes the data the extension processes, why it is processed, where it is stored, and how it is protected. It is supplemental to the general Anima Privacy Policy, which governs the broader Service.
2. Data the Extension Processes
Authentication Information
Login passwords, API keys, and access tokens that the user has saved to their Anima Vault. Delivered to the extension on demand via a signed WebSocket bridge from api.useanima.sh after the user approves a fill request. Held in memory only for the duration of the fill action; never written to disk.
Personally Identifiable Information (Addresses)
Verified billing and shipping addresses associated with the user's Anima profile, used to autofill checkout address forms. Session-scoped processing only; not retained by the extension after the fill completes.
Authenticated Session State
When the user connects the extension, an exchange code is traded with api.useanima.sh for a per-extension API token and HMAC signing secret. These are stored in chrome.storage.session (cleared when the browser closes) by default, or in chrome.storage.local if the user has opted into a longer-lived session via the auth-policy setting.
Receipt Artifacts (Optional)
When the user enables receipt capture, the extension extracts structured receipt data and a screenshot from the checkout confirmation page, then uploads it to the user's Anima organization workspace for reconciliation. Disabled by default; the user controls retention via their organization's data policies.
3. Data the Extension Does NOT Collect
- Browsing history, page URLs visited, or page content from non-checkout sites
- Mouse movements, keystrokes, scroll behavior, or other behavioral telemetry
- Health, location, communications, or other categories not tied to fill actions
- Personal data from sites where the user has not invoked a fill action
- Any data that is not necessary to fulfill a user-approved fill request
4. Purpose of Processing
The extension processes data only to:
- Fill credentials or addresses into forms the user has approved
- Verify that a fill request is targeting the expected origin (anti-phishing)
- Maintain the authenticated bridge connection to api.useanima.sh
- Optionally capture receipt evidence for accounting and audit
5. User Consent and Control
- Every fill action requires explicit per-action approval through the extension popup
- The extension never auto-fills without user approval
- The user can disconnect the extension at any time from the popup, which revokes the API token server-side and clears all local credential state
- Token TTL settings (15 minutes, 1 hour, session) auto-disconnect the extension on the user's schedule
- Uninstalling the extension removes all locally stored extension data
6. Security
- All communication with api.useanima.sh is over HTTPS / WSS with TLS encryption in transit
- Bridge messages are HMAC-signed and replay-protected with per-message nonces and timestamps
- A strict Content Security Policy (script-src 'self') prevents loading any remote scripts
- External-message handlers reject requests from origins not in the allowlist (console.useanima.sh, app.useanima.sh)
- Sensitive credentials are written to chrome.storage.session when possible (cleared on browser close)
- API tokens are revoked server-side on disconnect, expiry, or uninstall
7. Third-Party Sharing
- The extension does not sell user data
- The extension does not share extension-collected data with unaffiliated third parties
- Data flows only between the user's browser and the user's own Anima organization workspace
For a list of subprocessors used by the broader Anima Service, see our Subprocessors page.
8. Data Retention
Credentials delivered to the extension are not persisted — they are held in memory for the duration of the fill action only.
Authentication tokens follow the user's configured TTL (15 minutes, 1 hour, or session-bound) and are revoked server-side automatically on expiry.
Receipt artifacts (when the feature is enabled) are uploaded to the user's Anima workspace and follow that organization's retention policy.
9. Children's Privacy
The Anima Vault extension is not intended for use by individuals under the age of 18. We do not knowingly collect data from children.
10. Changes to This Policy
Changes to this Privacy Policy will be posted on this page. Material changes will also be communicated through the extension popup or via email to the connected Anima account.
11. Contact
For questions about this policy or to exercise your data rights, contact:
Anima Labs Ltd.