Privacy Policy - OTP2WebAuthn Password Autofill
Last Updated: April 23, 2026
TL;DR: This extension stores all data locally on your device only. We do not collect, transmit, or share any of your data. Everything stays on your computer.
1. Data Collection
We DO NOT collect any data.
The extension does NOT:
- Collect personal information
- Track browsing history
- Send analytics or telemetry
- Communicate with external servers
- Share data with third parties
2. Local Storage Only
All data is stored locally on your device using Chrome's encrypted storage:
- Website domains (for configuration)
- Password prefixes (encrypted)
- TOTP secret keys (encrypted)
- WebAuthn credential IDs
3. Data Usage
Stored data is used exclusively for:
- Generating TOTP codes
- Autofilling password fields
- TouchID authentication
No data leaves your device.
4. Security
- Chrome's encrypted storage protects all data
- TouchID required for viewing/using credentials
- Password fields masked by default
- No network transmission
5. Third-Party Services
None. The extension uses no third-party services, analytics, or APIs.
6. User Rights
You have complete control:
- View all stored data (requires TouchID)
- Edit any configuration
- Delete configurations anytime
- Uninstall removes all data
7. Open Source
Source code: github.com/akram/otp2webauthn
8. Contact
Questions? Open an issue on GitHub
9. Compliance
GDPR & CCPA Compliant: No personal data is collected, transmitted, or sold.
© 2026 OTP2WebAuthn | GitHub