Privacy Policy
Effective Date: February 24, 2026 · Last Updated: March 12, 2026
What SOC2Snapp Does
SOC2Snapp is a Chrome extension for capturing audit-grade screenshots with metadata chain of custody, client-side PII redaction, and digital signatures. It is designed for SOC 2 compliance workflows.
Data That Stays on Your Device
All core functionality runs entirely in your browser:
- Screenshots are captured and stored locally in your browser. They never leave your device unless you explicitly download them to disk.
- PII redaction is performed client-side before any data leaves the browser.
- Digital signatures are generated locally.
- Audit logs are stored in local browser storage.
Permissions and Why We Need Them
| Permission | Reason |
|---|---|
| activeTab | Lets the extension take a screenshot of the tab you're currently viewing |
| storage | Stores extension configuration, audit log entries, and user preferences |
| unlimitedStorage | Allows the extension to store a queue of captured screenshots locally without running out of space |
| downloads | Enables saving screenshots and signature files to your computer |
| sidePanel | Powers the side panel UI for managing captures |
| host_permissions: <all_urls> | Allows screenshots to be taken on any webpage you're auditing. SOC2Snapp does not read or modify page content — it only captures a visible screenshot when you explicitly trigger a capture. |
Telemetry and Analytics
The extension collects anonymous usage analytics via PostHog to help us understand how the product is used and improve it. This includes:
- Extension install and update events
- Feature usage counts (captures taken, saves, exports)
- Compliance preset selection
Each install is assigned a random anonymous UUID. We never collect URLs you visit, screenshot content, filenames, or any personally identifiable information. Geographic location (country/city) is resolved from your IP address by PostHog's servers — the raw IP address is not stored.
The extension also makes a single network request to check for version updates — this request contains no user data and fails silently if blocked.
This website (soc2snapp.com) also uses PostHog for anonymous website analytics. This helps us understand which pages are visited and how visitors find us. No personal information is collected, no cookies track you across sites, and no data is shared with third parties.
What We Never Collect
- URLs you visit (beyond the URL embedded in screenshot metadata, which stays local)
- Screenshot image data (images stay on-device unless you export them)
- PII detected by the redaction engine
- Browsing history or activity outside the extension
- IP addresses (PostHog resolves geo then discards the raw IP)
Data Retention
- Local data: Audit log retention is user-configurable within the extension settings. You can delete all local data at any time.
- No server-side storage: SOC2Snapp has no server-side components. We do not store screenshots, audit logs, or user data on any server.
Changes to This Policy
We may update this privacy policy from time to time. Changes will be posted in the extension's documentation and, for material changes, noted in the Chrome Web Store listing.
Contact
For privacy inquiries, contact us at: sakshambhardwaj.tech@gmail.com