Privacy Policy

Network HAR Recorder · Last updated: 10 June 2026

1. Who we are

Network HAR Recorder is a Chrome extension (Manifest V3) that lets you record network traffic from the active browser tab, export HAR files, inspect them, and optionally replay GraphQL requests using credentials you configure.

The extension developer does not operate backend servers for this product and does not receive analytics or usage telemetry from the extension.

2. Data processed by the extension

2.1 Stored locally (Chrome storage.local and storage.session)

• OAuth settings you enter: Token URL, Client ID, login
• Password: in storage.session by default (cleared when the browser closes); optionally in storage.local if you enable “Save password”
• Optional URL rewrite settings: workspace domain suffix, API host template, API gateway prefix

This data stays on your device inside Chrome until you change it, clear extension data, or uninstall the extension.

2.2 Processed locally (not sent to the developer)

• Network requests and responses captured while recording (HAR format)
• HAR or ZIP files you open in the built-in viewer
• Files saved to your computer via Chrome Downloads

HAR files may contain sensitive information visible in the recorded tab (URLs, headers, cookies, request/response bodies, tokens). You control where those files are stored and shared.

2.3 Transmitted when you use Send (only on your action)

If you click Send in the viewer, the extension:

• Sends your login and password to the Token URL you configured (OAuth password grant), over HTTPS if that URL uses HTTPS
• Sends a GraphQL request to the URL taken from the selected HAR entry (optionally rewritten using your URL settings)
• Includes an Authorization: Bearer … header and any custom headers you configure in Settings (default: x-login with your login)

Those requests go to endpoints you choose, not to the extension developer. We do not control those third-party services. Review their privacy policies separately.

2.4 Recording (Start / Stop)

When you start recording, the extension attaches the Chrome Debugger Protocol to the active tab to capture network activity. Chrome shows a banner that the extension started debugging the browser (wording depends on Chrome language). Recording stops when you click Stop or detach the debugger. Captured data is written to a local HAR/ZIP file only if you save it.

3. What we do not do

• We do not sell user data
• We do not use data for advertising or creditworthiness
• We do not collect data on developer-operated servers
• We do not use tracking or analytics SDKs in the extension

4. Chrome permissions (why they are needed)

• debugger — capture network traffic with response bodies during user-initiated recording
• downloads — save HAR ZIP files to your device
• tabs — identify the active tab when you start recording
• storage — save your settings locally
• host_permissions (<all_urls>) — Send requests to Token URL and API URLs you configure or that appear in HAR entries

5. Data retention and deletion

• Settings: until you edit, clear extension site data, or uninstall
• OAuth access tokens: cached in the extension service worker for up to about 10 minutes, then refreshed on next Send
• HAR files: remain wherever you saved them on your device

To remove extension-held data: open Chrome extension details → Clear storage, or uninstall Network HAR Recorder.

6. Security

By default, your password is stored in Chrome storage.session and cleared when the browser closes. If you enable “Save password”, it is stored in storage.local instead. The extension does not add extra encryption on top of Chrome storage. Use Send only with endpoints you trust. Prefer dedicated test accounts where possible.

7. Children

The extension is intended for developers and testers, not directed at children under 13.

8. Changes

We may update this policy. The “Last updated” date at the top will change when we do. Continued use after changes means you accept the updated policy.

9. Contact

Questions about this policy or the extension: nikhailor@gmail.com