BiniGuard — Privacy Policy
Version 3 · last updated 2026-05-17
BiniGuard is a privacy-first browser extension that blocks phishing sites and warns about suspicious patterns — without sending your browsing history anywhere. This page explains what the extension does, what it asks for, and what it never does.
1 · What BiniGuard does
- Phishing block — checks each URL against locally-stored aggregated lists (PhishTank + OpenPhish + Phishing Army). Hard-blocks known phishing domains.
- Heuristic warnings — detects typo-squatting (Levenshtein vs. Tranco top-1000), homoglyph attacks (including punycode IDN like xn--), and suspicious TLDs (.tk/.ml/.ga/etc.).
- SpecSense (optional) — when you right-click a product on Bol/Amazon/AliExpress/eBay/Temu or a YouTube video and choose "Check with BiniGuard SpecSense", the extension scrapes the visible listing and asks Google's Gemini API for an honesty judgment. See section 4 for full disclosure.
2 · Permissions, and why each is needed
- tabs + webNavigation — read the URL of pages you load to check against the blocklist before navigation completes.
- <all_urls> — phishing can target any domain, so the URL check has to cover everything.
- storage — store your settings, whitelist, threat counter, and (if you enable it) your Gemini key. All in browser.storage.local, never synced.
- alarms — trigger the periodic (daily) blocklist refresh.
- contextMenus — add the "Check with BiniGuard SpecSense" item to right-click menus on supported shops and YouTube. Only used when you click it.
- scripting — inject the SpecSense modal into a page when you ask for a check (fallback path; primary content script is loaded by manifest).
3 · Data that stays on your device
- URLs you visit — checked locally against the blocklist, never logged, never sent to Biniru or anyone else.
- Threat counter — a local number showing how many blocks/warnings BiniGuard performed. Displayed in the popup only.
- User settings — whitelist of trusted sites, heuristic sensitivity preference.
- SpecSense items, if you use it: your Gemini API key, your trusted-channels list, your 24-hour verdict cache.
None of this leaves your machine. There is no Biniru account, no email collection, no sign-in.
4 · SpecSense — what gets sent, and where
SpecSense is the optional AI-judgment feature. It is off by default. To use it, you paste your own Gemini API key (free from aistudio.google.com) in the popup. Then, only when you actively right-click and pick "Check with BiniGuard SpecSense", the extension does the following:
- Reads the visible product or video listing on the current page — title, price, seller, channel name, description, tags, thumbnail URL, and (for products) the specs block.
- Runs a local pre-screen against deceptive patterns. For many cases this returns a verdict immediately, with no API call.
- If the pre-screen is inconclusive, sends the scraped listing data to Google's Gemini API using your Gemini key. Google's privacy terms apply.
- Displays the resulting verdict (green / yellow / red) in a modal on the page.
What we do NOT do with SpecSense
- We do not see, store, route, or log your Gemini key.
- We do not see, store, route, or log the page content you check.
- We do not see, store, route, or log the verdicts.
- There is no Biniru server in the SpecSense path. Your browser talks directly to Google.
What Google sees
Each SpecSense request is a standard Gemini API call from your browser, authenticated with your key. Google's standard data-handling for the free Gemini API tier applies. Refer to Google's Gemini API terms. You can revoke or rotate the key at any time from your Google AI Studio account.
You can remove a key from BiniGuard any time via Popup → Settings → SpecSense → Remove. The key (and all cached verdicts) is then wiped from storage.local.
5 · Telemetry and tracking — what we never do
- No analytics SDKs, no telemetry pings, no usage counters phoning home.
- No advertising IDs, no fingerprinting, no behavioral profiles.
- No per-user logs of any kind. We literally cannot, by design.
- No data-selling, no marketing-list construction, no ad networks.
- No third-party trackers, scripts, or pixels in the extension code.
The blocklist downloads (from PhishTank, OpenPhish, Phishing Army) are public-list requests sent without referrer or credentials. Those services see only that an IP requested their list — same as any browser visiting their site directly.
6 · Future signals — opt-in only, listed here first
The current v1.0 does not send any operational signal upstream. If a future version needs to (e.g., to know which Gemini models are still available for SpecSense), the request must be anonymous, aggregate, listed here before shipping, and opt-out switchable in the popup.
7 · Open source and verifiable
BiniGuard's code is auditable. Permissions, network requests, and data flow can be inspected line by line. The build is reproducible — you can clone the source, run the smoke tests (node test/smoke-logic.mjs and node test/smoke-specsense.mjs), and produce the same package we submit to AMO and the Chrome Web Store.
8 · Contact
Privacy / legal questions: legal@biniruprojects.ai
General contact: info@biniruprojects.ai