Last active 1 month ago

PRIVACY.md Raw

Privacy Policy — Feidu AUTOPILOT

Last updated: 2026-05-28

This document describes how the Feidu AUTOPILOT Chrome extension ("the extension") handles user data. The extension is the browser-side companion to feidu-daemon, a local macOS proxy controller distributed separately. This policy covers the extension only; the daemon is open source and its data handling is documented in its README.

TL;DR

The extension does not collect, transmit, or store any personal data on remote servers. All data the extension touches stays on the user's own machine: in the browser's local storage, or on the loopback interface between the extension and the local feidu-daemon at 127.0.0.1.

There is no analytics, no telemetry, no advertising, no third-party SDK, no remote logging, and no remote configuration. There are no remote network destinations contacted by the extension other than 127.0.0.1.

What the extension can observe

To do its job, Chrome grants the extension visibility into the following categories of data. Each is processed locally and never leaves the machine.

Data How observed What we do with it
URLs of pages you visit chrome.tabs, chrome.webNavigation Pass the top-frame hostname to the local daemon so it can choose a proxy tunnel for that tab. Held in service-worker memory; not persisted.
URLs of subresource requests chrome.webRequest (read-only) Detect requests that fail or stall, so the popup can offer a "Test this host" button. Held in per-tab in-memory index; cleared when the tab closes.
Active tab hostname chrome.tabs.query during popup interaction Render the popup ("you're on example.com — pin it?") and target user-initiated actions ("test this host"). Not persisted beyond the popup session.
Pin list (domain → region) Synced from the local daemon via SSE Cached in chrome.storage.local["pinned-cache"] so the popup can render when the daemon is briefly offline. Authoritative copy lives in the daemon, not Chrome.
Per-tab session ID (SID) Generated locally as feidu-<tabId>-<nonce> Sent to the local daemon over loopback so it can attribute each connection to the right tab. Released when the tab closes (chrome.tabs.onRemoved).

What the extension never does

  • It does not inject content scripts into web pages.
  • It does not read or modify the DOM of any page.
  • It does not block, redirect, modify, or rewrite any HTTP request or response (webRequest is used in read-only listener mode only).
  • It does not contact any remote server. The only network destination it dials is 127.0.0.1 (the local feidu-daemon).
  • It does not include analytics SDKs, error reporters, or any third-party JavaScript.
  • It does not transmit, sell, rent, or share user data with any third party.
  • It does not use user data for advertising, profiling, or creditworthiness assessment.

What the local daemon does with data the extension sends it

When you use the extension, the following data crosses the loopback boundary to the local feidu-daemon process running on the same machine:

  • The hostname of the page in each active tab, so the daemon can choose a proxy tunnel for that tab.
  • Domain pins you create or remove from the popup.
  • Routing-suggestion and test requests you initiate from the popup buttons.
  • The proxied HTTP/SOCKS traffic itself (the daemon is your proxy).

The daemon stores this on the local filesystem under $HOME/.feidu/ and /usr/local/var/lib/feidu-daemon/. The daemon does not upload this data anywhere. See the feidu-daemon README for details.

Permissions used by the extension

A per-permission technical justification is in PERMISSIONS.md. The permissions are: proxy, tabs, storage, activeTab, webRequest, webRequestAuthProvider, webNavigation, alarms, and host access to <all_urls>. Each is required for the per-tab routing and failed-resources detection features described above.

Data retention

  • In-memory per-tab failure index: cleared when the tab closes or when the service worker is suspended (whichever comes first).
  • chrome.storage.local["pinned-cache"]: persists across browser sessions; the user can clear it by uninstalling the extension or by clearing extension storage in chrome://extensions.
  • chrome.storage.session (per-tab SID map): cleared when the browser closes.
  • Daemon-side data on the local filesystem: governed by the daemon's own retention rules, see the feidu-daemon README.

Children's privacy

This extension is not directed at children under 13. We do not knowingly process data from children.

Open source and audit

The extension's source code is public. Reviewers, security researchers, and end users are encouraged to inspect service_worker.js, popup.js, and routes.js to verify the claims above.

Changes to this policy

Material changes will be noted at the top of this document with an updated date, and where possible announced in the extension's release notes on the Chrome Web Store.

Contact

Questions about this policy or about the extension's data handling can be sent to the support email listed on the extension's Chrome Web Store listing.