1. Overview
This Privacy Policy describes how the ClickNext AI Security Monitor Chrome Extension ("Extension") collects, uses, and protects information when installed and used by employees of ClickNext Co., Ltd. ("Company").
This Extension is an internal enterprise security tool. It is not intended for public consumer use. It is deployed exclusively by the Company's IT department to monitor AI tool usage across company-managed devices in compliance with corporate security policies.
1.1 Supported AI Platforms
As of version 2.0.0, the Extension monitors the following web-based AI platforms:
| # | Platform | URL | Category |
|---|---|---|---|
| 1 | ChatGPT | chatgpt.com / chat.openai.com | Chat AI |
| 2 | Claude | claude.ai | Chat AI |
| 3 | Gemini | gemini.google.com | Chat AI |
| 4 | Microsoft Copilot | copilot.microsoft.com | Chat AI |
| 5 | DeepSeek | chat.deepseek.com | Chat / Code AI |
| 6 | Perplexity | perplexity.ai | Search AI |
| 7 | Grok (xAI) | grok.com | Chat AI |
| 8 | Mistral | chat.mistral.ai | Chat AI |
| 9 | Poe | poe.com | AI Aggregator |
| 10 | HuggingChat | huggingface.co/chat | Open-source AI |
| 11 | NotebookLM | notebooklm.google.com | Research AI |
| 12 | Google AI Studio | aistudio.google.com | Developer AI |
| 13 | Meta AI | meta.ai | Chat AI |
The Extension does not monitor desktop AI applications (e.g., Cursor IDE, VS Code Copilot, Codex CLI) as these operate outside the browser environment.
2. What Data Is Collected
The Extension collects the following information when employees interact with supported AI platforms:
| Data Type | Description | Purpose |
|---|---|---|
| User Prompt Text | Text submitted by the employee to any of the 13 supported AI platforms listed above | Security scanning for data leakage prevention (DLP) |
| User Identity | Employee's Google Workspace email address (via Chrome Identity API) | Audit trail and user attribution |
| Device Information | Device identifier / computer name | Asset tracking and security correlation |
| AI Platform | Name of AI service being accessed (e.g., ChatGPT, Claude, Gemini, Copilot, DeepSeek, Perplexity, Grok, Mistral, Poe, HuggingChat, NotebookLM, AI Studio, Meta AI) | Activity reporting |
| Timestamp | Date and time of AI interactions | Audit log and monthly reporting |
| Security Scan Result | Whether the prompt triggered a security policy (e.g., PII detected, injection attempt) | Incident management and compliance |
| Uploaded Image (Thumbnail) | A downscaled, JPEG-compressed copy (max 1280 px on the longest side) of images the employee attaches to an AI platform — by any method, including the file picker, drag-and-drop, pasting a screenshot, or importing from cloud storage. Captured to give context for what was asked. The original full-resolution file is NOT uploaded or stored — only this downscaled copy. | DLP/security review (e.g., detecting confidential documents or screenshots shared with external AI) |
2.1 Password Vault (Optional Feature)
The Extension includes an optional Password Vault — a personal, opt-in credential store (similar to a team password manager). It is entirely separate from the security-monitoring described above and behaves as follows:
- Deliberate entry only: Credentials appear in the Vault only when the employee explicitly types and saves them. The Extension never captures, reads, or records passwords entered into login forms on any website — there is no automatic password capture of any kind.
- Encrypted at rest: Each stored password is encrypted with AES-256-GCM before being written to the database. The encryption key is held only in the gateway server's environment, never in the database itself.
- Owner-only access: A Vault entry can be read back only by the employee who created it (verified by their signed-in session). IT/security administrators cannot read employees' stored passwords — the Vault is deliberately designed so it can never become an employer credential-surveillance tool.
- Sign-in required: The Vault is locked unless the employee is signed in to the organization dashboard. Every reveal of a stored password is recorded in the employee's own audit trail.
- Autofill runs on all sites, but only fills — never monitors: To offer autofill, the Extension's Vault component runs on all websites. On sites other than the supported AI platforms in §1.1 it does nothing except show your saved entries and fill them when you choose. The security monitoring (prompt / image capture in §2) still happens only on those AI platforms — no browsing, form input, or page content from any other site is ever read, collected, or transmitted.
- Item categories: Vault items can be organized into categories — Logins, Secure Notes, API Keys, and Cards. This is only an organizational grouping of items you deliberately save yourself; every category is encrypted and owner-only in exactly the same way, and none of it changes what the Extension monitors or collects.
- Shared / Team Vault (separate, deliberate sharing): Alongside the owner-only personal vault, there is an optional shared store for work credentials an employee chooses to share with a team or with specific email addresses. Unlike personal entries, a shared entry is — by design — readable by the people it is shared with, the person who shared it, and IT/super-admin (for company governance such as off-boarding). This is a deliberate, company-managed feature, not covert surveillance: sharing only ever happens when the credential holder initiates it, and every access to a shared entry (including super-admin reads) is recorded in the audit log. It does not affect personal entries above, which stay owner-only and unreadable by administrators.
3. What Data Is NOT Collected
- AI responses or outputs generated by AI platforms
- Full-resolution images or the original uploaded files (only a downscaled, JPEG-compressed copy is retained — see the table above)
- Browsing history unrelated to supported AI platforms
- Passwords or credentials typed into third-party websites — the Extension never captures, monitors, or records what you enter into login forms on any site (the optional Password Vault in §2.1 stores only credentials you deliberately save yourself, encrypted and readable only by you)
- Payment card information
- Personal communications, emails, or messages outside AI platforms
- Location data (GPS or IP-based geolocation)
- Biometric data of any kind
4. How Data Is Used
All collected data is used exclusively for the following corporate security purposes:
- Real-time DLP (Data Loss Prevention): Scanning prompts for sensitive patterns such as API keys, credit card numbers, internal connection strings, proprietary code, and internal business data (e.g., business plans, salary information) before they are sent to external AI services.
- Security Audit Trail: Maintaining a time-stamped record of AI tool usage per employee for compliance with internal IT security policies.
- Incident Response: Identifying and flagging security policy violations for investigation by the IT Security team.
- Monthly Usage Reporting: Generating aggregated usage reports for management review of AI tool adoption and risk posture.
5. Data Transmission and Storage
Collected data is transmitted via HTTPS to the organization's own security gateway — by default clicknexttest.biz; organizations running an isolated instance are served by their own dedicated subdomain configured through managed browser policy. All data is:
- Transmitted over encrypted HTTPS connections (TLS 1.2+)
- Stored in a secured SQLite database on a company-controlled server
- Kept per-organization in a separate database — one organization's data is never combined with another's
- Accessible only to authorized IT Security administrators (except Password Vault entries, which are readable only by the employee who created them)
- For Password Vault entries: additionally encrypted with AES-256-GCM, with the decryption key held only in the server environment and never stored in the database
- Not shared with any third parties, vendors, or AI platform providers
- Never used for advertising, profiling, or any commercial purpose
6. Data Retention
Activity logs are retained for 90 days from the date of collection. After this period, records are automatically and permanently deleted from the server. Employees who leave the company may request immediate deletion of their data by contacting the IT Security team.
7. User Rights (PDPA / GDPR)
Employees have the following rights regarding their data:
- Right to Access: Request a copy of all data collected about you.
- Right to Deletion: Request permanent deletion of your activity records (Right to be Forgotten).
- Right to Correction: Request correction of inaccurate personal data.
- Right to Object: Object to processing of your personal data in specific circumstances.
To exercise any of these rights, contact: it@clicknext.com
8. Consent
This Extension is deployed via organization-level Chrome management (Google Admin Console Managed Settings). By using a company-managed device with this Extension installed, employees acknowledge and consent to the monitoring activities described in this policy, as disclosed in the Company's Employee IT Acceptable Use Policy.
9. Security
The Company implements technical and organizational measures to protect collected data, including TLS encryption in transit, access control on server infrastructure, and regular security audits of the gateway system. Password Vault credentials are encrypted at rest with AES-256-GCM and can be decrypted only by the employee who created them; administrators have no ability to read them.
10. Changes to This Policy
This policy may be updated periodically. Employees will be notified of material changes via internal communication channels. Continued use of company-managed devices after changes constitutes acceptance of the updated policy.
11. Changelog
| Version | Date | Changes |
|---|---|---|
| 2.12.0 | July 13, 2026 | Vault UI: passwords and contacts are now shown separately — the shared/team view and the admin console group credentials ("🔑 รหัส / บัญชี") apart from customer records ("👤 Contacts / ข้อมูลลูกค้า"), and the extension popup's shared view is filtered by the same type tabs. Display/organization only; no change to what is stored or who can access it. (Also, internal groundwork for multi-tenant per-workspace access control — not user-visible.) |
| 2.11.0 | July 13, 2026 | Vault UI: text tab labels ("Company", "Contacts") in the extension popup, and a "view details" button on contact/company records so their stored fields (email, phone, company, address, note …) can be viewed and copied field-by-field. Display only — no change to what is stored, monitored, or who can access it. |
| 2.10.0 | July 13, 2026 | Central customer directory + convenience. New: a consented contact-capture prompt — when you submit a non-login form containing contact details (email + phone/name), the Extension offers to save it to the vault; like save-on-login, the fields are read at submit-time only to fill the prompt and are stored only if you click (nothing is captured, logged, or transmitted silently). New: an org-wide "central" share so customer contacts can be stored company-wide (visible to all employees + admin) instead of trapped in one person's personal vault — this keeps customer data from being lost when an employee leaves. New: CSV contact import and a share-to-team button in the extension popup. The privacy boundary is unchanged: personal vault entries remain owner-only and unreadable by administrators; only items a user deliberately shares (including org-wide) are visible to others, and every reveal is audited. |
| 2.9.0 | July 13, 2026 | Vault convenience + governance: an "open website" button on entries with a URL; a share button to share one of your own saved items to a team/colleague directly from your list; a super-admin password-management console (org-wide view of teams, shared credentials, and the reveal audit trail — personal entries stay unreadable, only counted). The save-on-login prompt now also detects a changed password for a site already in your vault and offers to update it — the check is done by a compare-only request (your stored password is never sent back to the page and the check is not logged as a reveal), and nothing is saved or updated without your click. Autofill no longer activates on the ClickNext console's own pages. No new permissions or monitoring. |
| 2.8.0 | July 13, 2026 | Expanded the Vault into a structured records store: Cards now hold expiry date and CVV, and two new record types were added — Company (tax ID, address, phone, email) and Contact (name, email, phone, company) for a central customer-contact directory. All extra fields are still encrypted at rest (AES-256-GCM); true secrets (card number/CVV, passwords) remain reveal-only, while non-secret directory fields are shown to people already authorized to see the entry so the directory is browsable. This is a data-entry feature only — it adds no new permissions, monitoring, or automatic collection; records appear only when a user deliberately enters them, and the personal/shared access rules (owner-only personal; shared readable by its recipients + audited super-admin) are unchanged. |
| 2.7.0 | July 13, 2026 | Added an optional Shared / Team Vault for deliberately sharing work credentials with colleagues. Employees can create teams, add members, and share a credential either to a team or to specific email addresses. A shared credential is readable by the people it was shared with (team members / listed emails), the person who shared it, and — because it is a company-managed shared store — IT/super-admin for governance (e.g. off-boarding); every access to a shared credential is written to the audit log, and super-admin reads of items they do not own are flagged distinctly. Your personal vault entries (§2.1) are unaffected and remain owner-only — not even a super-admin can read them. Sharing is always a deliberate action by the person who holds the credential; nothing is shared automatically. Adds no new permissions or monitoring. |
| 2.6.0 | July 13, 2026 | Added item categories to the Password Vault (Logins, Secure Notes, API Keys, Cards), similar to a standard password manager. This is purely an organizational grouping of items you deliberately save into your own vault; every category is stored the same way — encrypted with AES-256-GCM and readable only by you. This adds no new permissions, no new monitoring, and no new data collection: the Extension still never reads or captures anything you type into forms. |
| 2.5.0 | July 13, 2026 | Added an optional "save this login?" prompt for the Password Vault. When you submit a login form, the Extension offers — with an explicit prompt you must click — to save that login to your own vault if it isn't already there. The credential is read at submit-time only to populate that prompt and is stored only if you click Save; it is never logged, monitored, or transmitted anywhere else, and nothing is saved without your click. This adds no new permissions and no new monitoring — it is the standard consented save-on-login behavior of a password manager. |
| 2.4.0 | July 13, 2026 | Added optional autofill for the Password Vault. When you focus a login field on a website, the Extension can show a dropdown of your own saved vault entries matching that site and fill them when you choose one (or, if you turn on "auto-fill on page load", fill a single match automatically — off by default). To offer this, the Extension now runs on all websites (https://*/*); however it only injects the vault dropdown and fills credentials you explicitly saved — it does not read, capture, monitor, or transmit anything you type into forms on other sites, and it sends no page content anywhere. A saved password is fetched (decrypted) only at the moment you choose to fill it. This adds no new data collection. |
| 2.3.0 | July 13, 2026 | Added an optional built-in password manager (Vault), opened from the Extension's toolbar button. Employees must sign in to their organization dashboard to unlock it; without signing in the Vault stays locked while all other Extension features keep working. Entries are deliberately added by the employee (never captured automatically from login forms) and are encrypted so that only that employee can read them — not the administrator. To unlock the Vault, the Extension reads the existing dashboard session token on the organization's own gateway domain; it does not read passwords typed into any other website. |
| 2.2.0 | July 13, 2026 | Added support for organizations to run their own private, isolated instance of the security gateway. The Extension can now read a single setting — the gateway address — from the browser's managed (enterprise) policy configured by the organization's own IT administrator, so each organization's monitored data is sent only to that organization's own gateway and is never combined with another's. When no such policy is set, behavior is unchanged. This adds permission to reach the organization's gateway subdomain (*.clicknexttest.biz); it does not change what data is monitored or collected, and the gateway address is validated so it can only ever point to an authorized ClickNext gateway host. |
| 2.1.7 | July 7, 2026 | The on-screen security alert now shows the specific word or phrase that triggered it, highlighted in the surrounding sentence, so an employee can immediately see what to remove or rephrase — instead of only naming the policy category. For alerts about a real secret/credential value (password, API key, credit-card or national-ID number), the value itself is partially masked in this display rather than shown in full. This change only affects how an already-detected match is displayed on-screen — it does not change what is detected, does not collect any new data, and adds no new permissions. Also refreshes the alert's icon. |
| 2.1.6 | July 6, 2026 | Fixed a false-positive in the Company Confidential detection rule: a custom/admin-added term (e.g. a short business word) could previously be flagged anywhere it appeared, even with no connection to the Company. Detection for this category now requires the Company's name to appear near the matched term before anything is flagged, matching how this check has always worked on the server side. This is a detection-accuracy fix only — it does not change what data is collected, and adds no new permissions. |
| 2.1.5 | July 2, 2026 | Company IT/security administrators can now manage the Extension's DLP block-list (which categories of sensitive content — company-confidential terms, personal data, credentials, prompt-injection phrases — are flagged) from an internal management dashboard, instead of a fixed list built into each release. To keep this list current, the Extension now periodically (every 30 minutes) fetches the latest rules from the Company's own security gateway in the background, which requires the new alarms permission to schedule. This permission is used only to trigger that periodic fetch — it does not access, collect, or transmit any additional employee data, browsing activity, or content. All other data handling described in this Policy is unchanged. |
| 2.1.4 | June 19, 2026 | Improved the reliability and coverage of uploaded-image capture for DLP review. Previously only images added by pasting, drag-and-drop, or the standard file picker were captured; the Extension now also captures images attached through other methods — pasted screenshots, the browser's File System Access picker, cloud imports (e.g., Google Drive / Google Photos), and previews rendered inside web components (shadow DOM) — so confidential documents and screenshots shared with external AI are not missed. This change does not collect any new type of data and adds no new permissions; it still stores only the downscaled, JPEG-compressed thumbnail (never the original file), and duplicate captures of the same image are de-duplicated. |
| 2.1.3 | June 15, 2026 | Increased the uploaded-image thumbnail resolution from 256 px to a maximum of 1280 px (longest side) so screenshots remain legible for security review — the original full-resolution file is still never uploaded or stored, only the downscaled copy. Refined DLP detection to flag on actual secret values (passwords, API keys, credit-card and Thai national-ID numbers, validated by checksum) instead of the mere mention of a keyword, which removes false blocks on ordinary questions such as "how do I set a strong password?". |
| 2.1.0 | May 21, 2026 | Updated DLP rules to use Smart Context Detection. "ClickNext" alone is no longer blocked; it is only blocked when paired with sensitive keywords. |
| 2.0.0 | May 18, 2026 | Expanded monitoring from 3 platforms (ChatGPT, Claude, Gemini) to 13 platforms. Added support for Microsoft Copilot, DeepSeek, Perplexity, Grok, Mistral, Poe, HuggingChat, NotebookLM, Google AI Studio, and Meta AI. Removed unused googleapis.com host permission. |
| 1.9.8 | May 14, 2026 | Security hardening: added Thai keyword blocking for sensitive terms. Fixed retry bypass vulnerability. |
| 1.9.7 | May 13, 2026 | Added AI reply token tracking via MutationObserver. Improved Thai token estimation. |
| 1.9.0 | April 21, 2026 | Initial release with PII detection, prompt injection blocking, and company data protection. |
12. Contact Information
For questions about this privacy policy or data handling practices, contact:
- Organization: ClickNext Co., Ltd.
- IT Security Team: it@clicknext.com
- Website: clicknexttest.biz