Privacy Policy - MacShield

Plain-language summary

MacShield does	MacShield does not
Store app preferences locally on your Mac.	Sell, rent, or share personal data.
Use the macOS Keychain for backup password storage.	Collect message content, browsing history, or screenshots.
Use local Chrome storage for extension settings.	Run analytics, advertising SDKs, or tracking scripts.
Check hostnames locally to apply website locks.	Operate a backend account, database, or telemetry pipeline.

The source code is public. Privacy claims can be independently reviewed in the MacShield repository.

Native macOS App

Protected app list and settings

The app stores your selected protected apps and preferences locally through app settings. This can include protected bundle identifiers, idle timeout settings, blur preferences, and automation choices.

Authentication

Touch ID is handled by Apple's LocalAuthentication framework. MacShield does not receive fingerprint or biometric data. Backup password storage and verification use the macOS Keychain.

Apple Watch proximity

If enabled, MacShield uses Bluetooth proximity signals to estimate whether your Apple Watch is nearby and worn. This is used only for local lock and unlock decisions.

Updates

The app uses Sparkle to check for software updates against the configured appcast URL. Update checks are for version availability, not analytics.

Browser Extension

Hostnames

The extension checks the current page hostname to decide whether to apply blur rules or show the website lock screen. It does not build or transmit browsing history.

Password handling

The extension creates a random salt with Web Crypto, hashes your master password with SHA-256, and stores only the hash and salt in chrome.storage.local. The original password is not stored.

Touch ID and WebAuthn

When available, WebAuthn lets the browser request platform biometric verification. MacShield stores only a credential reference needed to request future authentication.

Blur behavior

Message blur is applied with CSS filters. The extension does not read, copy, log, or transmit message text, images, emails, or chat history.

Stored extension values

ms_password_hash and ms_password_salt for local password verification.
ms_locked_sites for domains you choose to lock.
ms_blur_level, ms_blur_avatars, and ms_hide_mode for blur preferences.
unlockedSites in session storage for temporary unlock state.

Permission Rationale

MacShield asks only for permissions tied to product features. The detailed list is maintained in the documentation permissions table.

If you do not need a feature, leave its permission disabled. MacShield should be configured to match your risk and comfort level.

Data Sharing

MacShield does not sell, rent, share, or transfer personal data to advertisers, data brokers, analytics providers, or third-party marketing services. The project does not operate a hosted account service.

The Chrome extension is intended to comply with Chrome Web Store Limited Use principles: data is used only to provide user-facing privacy and lock functionality.

Security Practices

Open-source codebase for independent review.
macOS Keychain for native backup password storage.
Local Chrome storage for extension state.
No analytics scripts on the website.
No server-side account system for product telemetry.

Your Choices

Remove protected apps from MacShield settings at any time.
Disable macOS permissions in System Settings.
Clear extension storage by removing the extension from Chrome.
Disable the extension on specific sites through Chrome controls.
Review, fork, or modify the source code under the applicable license terms.

Contact

For privacy questions, open a GitHub issue or use the contact page. Do not include private passwords, tokens, screenshots of sensitive content, or personal documents in public issues.

Open an issue or visit contact options.