We collect nothing.
Lookahead is a privacy-first Chrome extension. This policy explains exactly what data is used, where it goes, and why.
Last updated: March 11, 2026
1. Overview
Lookahead ("the extension") is a Chrome browser extension that shows link preview cards when you hover over links. It is developed and maintained by hshdevhub.
We do not collect, store, transmit, or sell any personal data. The extension operates entirely within your browser with no backend server of our own.
2. Data We Do NOT Collect
- โYour browsing history or the URLs you visit
- โThe links you hover over
- โYour IP address
- โAny personally identifiable information
- โUsage analytics or telemetry
- โCrash reports
3. Local Storage
The extension stores the following data locally in your browser using chrome.storage.local. This data never leaves your device.
| Data | Purpose | Retention |
|---|---|---|
| Preview cache (title, URL, safety score) | Avoid repeat network calls for the same link | 24 hours, auto-cleared |
| Domain age cache (RDAP results) | Avoid repeat RDAP lookups for the same domain | 24 hours, auto-cleared |
| Extension settings | Remember your preferences (blocklist, whitelist, toggles) | Until you change or clear them |
| Usage stats (previews shown, threats flagged) | Displayed in the popup โ never transmitted | Persists locally, clearable |
4. Third-Party Services
The extension makes requests to the following third-party services. No personal data is sent โ only the URL of the link you are hovering over.
Purpose: Fetches a screenshot, page title, and description for the destination URL.
Data sent: The destination URL is sent to Microlink's servers.
View their privacy policy โPurpose: Checks whether the destination URL is a known phishing or malware site.
Data sent: The destination URL is sent to Google's Safe Browsing API. This is the same service Chrome uses natively. Only enabled if you provide an API key in Settings.
View their privacy policy โPurpose: Fetches the favicon icon for the destination domain.
Data sent: The destination domain name is sent to Google's favicon service.
View their privacy policy โPurpose: Checks the registration date of a domain to identify newly registered domains.
Data sent: The apex domain (e.g. example.com) is sent to the public RDAP protocol endpoint.
View their privacy policy โ5. Permissions Explained
The extension requests the following Chrome permissions:
| Permission | Why it is needed |
|---|---|
| storage | Store preview cache and settings locally in your browser |
| alarms | Run a periodic cache cleanup every 60 minutes |
| <all_urls> (host permission) | Inject the hover listener on every website you visit so link previews work everywhere. This does NOT grant access to read page content beyond what is needed for the hover listener. |
6. Children's Privacy
Lookahead is not directed at children under 13 years of age. We do not knowingly collect any information from children.
7. Changes to This Policy
We may update this privacy policy from time to time. The latest version will always be published at this URL. The "Last updated" date at the top of this page will reflect any changes.
8. Open Source
Lookahead is open source under the MIT License. You can review every line of code to verify these privacy claims independently.
9. Contact
If you have questions about this privacy policy or the extension's data practices, please open an issue on the GitHub repository or contact us at hsh.devhub@gmail.com
ยฉ 2026 hshdevhub ยท Lookahead is MIT licensed ยท No data collected
โ Back to home