“i” created this initially to make money. Along the way i stumbled onto much bigger and, in my mind, more important things — and they already exist in the Sweet. i benefit twice over: from knowing it helps people, and from what that shows — that my work is functional, serious, and strictly cohesive with my ethos. It is free so that everyone, myself included, profits. If it weren’t, i wouldn’t be me; it wouldn’t be AURiX.
— AURiX Founder
Plain-English summary. AURiX: Sweet is designed so that no data ever leaves your device. It does not create accounts or user profiles. It does not send telemetry, analytics, crash reports, or usage statistics anywhere. It does not share data with any third party. It is not used for advertising. It is not used to train machine-learning models. Everything the extension observes is held in your own browser’s local storage and stays there until you delete it. There is no AURiX server. There is no backend service. There is no “cloud sync.” If your data leaks, it will not be from us — because we never had it.
AURiX’s privacy model is architectural, not promissory. It is enforced by what the code cannot do, not by what we promise we won’t do. The posture has three constraints:
AURiX: Sweet is a single extension. Inside it are five instruments, each answering a different plain question about the page in front of you. The table below lists, for each instrument, exactly what it reads from the browser, where it stores what it reads, how long it keeps it by default, what happens on export, and what network calls it makes (the last column is None in every case — AURiX: Sweet makes no network calls of any kind).
| Instrument | What it reads | Where it stores | Retention default | Export behavior | Network calls |
|---|---|---|---|---|---|
| Gauge | Structural page state: overlays, modal dialogs, scroll-lock, focus traps, cloaked content. DOM properties only; no input or content. | chrome.storage.local (the extension’s own storage) |
Session-scoped, cleared on browser close or extension reload | User-initiated download only; nothing is exported automatically | None |
| Scope | Right-click target URL and link metadata (scheme, tracking parameters). Composes the readings already produced by the other four instruments inside the same extension. | chrome.storage.local (the extension’s own storage) |
Session-scoped; popup state cleared when popup closes | No export surface; observations are visual only (cursor halo / popup) | None |
| Trace | Web-navigation events for the active tab: page-load timing, redirect chains, sub-frame transitions. URLs are read; page content is not. | chrome.storage.local (the extension’s own storage), bounded ring buffer |
Ring-buffer overwrites itself; oldest entries dropped at the buffer cap | User-initiated copy/download of the visible trace only | None |
| Ledger | DOM mutation events on the active tab (what changed, how often). Aggregates state-change events produced by the other instruments inside the same extension. | chrome.storage.local (the extension’s own storage), bounded ring buffer |
Ring-buffer; oldest entries dropped at the buffer cap. No cross-session persistence. | User-initiated download of the current ring buffer only | None |
| Receipt | On explicit user click only: a snapshot of the current tab’s URL, declared origin, and lawful-state markers (Permissions API queries observed in the page). | chrome.storage.local (the extension’s own storage) until exported |
In-memory and local-storage only; no ambient or background capture | User-initiated download as a single Receipt artifact (one click, one Receipt) | None |
AURiX: Sweet declares <all_urls> as a host permission so that its instruments can read structural page conditions on whatever site you are currently visiting. The conditions they surface — overlays, redirect chains, state changes, permission requests — are not confined to a known list of sites, so an allowlist would defeat the purpose. None of what the instruments read is transmitted anywhere.
All data AURiX: Sweet creates is local to your browser profile and lives in the extension’s own chrome.storage.local compartment. You can delete it at any time using any of the following:
chrome://extensions, open the extension details, then choose “Site Settings” or use the extension’s own popup controls (where provided) to clear stored data.Because there is no AURiX server, there is no “please delete my data” request to file with us. Deleting it from your browser is deleting it.
The five instruments are designed to work as a family — Scope, for example, rolls up the readings of Gauge, Trace, Ledger, and Receipt into a single visual indicator under a worst-state-wins rule. Because all five instruments now live inside one extension, that coordination happens entirely in-process: the instruments call each other directly within the extension. AURiX: Sweet does not request the externally_connectable or management permissions, and it does not exchange messages with any other extension. No coordination message is ever sent over the network. Everything stays on your device, inside this one extension.
AURiX watches what the page does, not what the user does. Because the page’s own behavior is observable from inside the browser, AURiX can show you which third-party trackers, beacons, and cross-origin requests the pages you visit are loading — without needing to track you. The page cannot hide that it loaded a tracker. AURiX makes that visible. That is the entire point.
AURiX: Sweet is not directed at children under 13. It does not knowingly collect any personal information from anyone, of any age, because it does not collect any personal information at all.
If this policy changes, the “Last updated” date at the top of this page will change. Because AURiX has no account system, there is no email list to notify; the canonical version is whatever is published at this URL.
Privacy inquiries: onwardai.ops@gmail.com
Because AURiX holds no user data, the most common privacy request — “delete my data” — is something you can fulfill yourself by uninstalling the extension or clearing its storage (see Section 3). The contact above exists for questions about the policy itself, security research disclosures, and regulator inquiries.