← Back to PointDev

PointDev Privacy Policy

Last updated: 13 March 2026

Overview

PointDev is a browser extension that inspects and captures UI element context (DOM structure, computed CSS, layout, and component metadata) from web pages for use with AI coding assistants. This privacy policy explains what data PointDev accesses, how it is used, and how it is stored.

Data we collect

PointDev does not collect, transmit, or store any personal data. Specifically:

  • No account or login is required.
  • No analytics, telemetry, or tracking of any kind is included.
  • No cookies are set by the extension.
  • No data is sent to NPM Labs or any third-party servers.

Data the extension accesses

When you explicitly activate the element picker, PointDev reads the following from the current page:

  • DOM structure — the HTML elements you select and their ancestors.
  • Computed CSS — matched and inherited styles for selected elements.
  • Layout data — bounding rectangles, viewport dimensions, and responsive breakpoints.
  • Component metadata — framework component names (e.g. React, Vue) when detectable.
  • Page URL — included in the capture payload for context.

This data is only accessed when you activate the picker. The extension does not run in the background, scan pages automatically, or access any page you are not actively inspecting.

How captured data is used

Captured data is either:

  • Copied to your clipboard — so you can paste it into an AI coding assistant of your choice, or
  • Sent to a local MCP server — running on your own machine (localhost) via WebSocket, so an AI assistant can receive the context directly.

In both cases, the data never leaves your device unless you choose to share it. The MCP server connection is local only (default: ws://localhost:52140).

Data stored locally

PointDev uses Chrome's storage API to persist your extension settings (e.g. capture options and WebSocket URL). These settings are stored locally in your browser and are not transmitted anywhere.

Redaction

PointDev includes a built-in redaction system that strips sensitive content (such as text content from input fields) from captures before they are copied or sent. This is enabled by default and can be configured in the extension settings.

Third-party services

PointDev does not integrate with, send data to, or receive data from any third-party services. There are no ads, analytics providers, or external dependencies at runtime.

Permissions

The extension requests the following Chrome permissions:

  • activeTab — to access the tab you are currently viewing when you activate the picker.
  • scripting — to inject the element picker into the active tab.
  • debugger — to read matched CSS styles via the Chrome DevTools Protocol (read-only, allowlisted methods only).
  • storage — to save your extension settings locally.
  • Host permissions (all URLs) — because the inspector needs to work on any web page you are developing.

Changes to this policy

If we make changes to this privacy policy, we will update the "Last updated" date at the top of this page. Continued use of the extension after changes constitutes acceptance of the updated policy.

Contact

If you have questions about this privacy policy, please contact us at privacy@npmlabs.co.uk.