Privacy Policy

Last updated: March 2026 · ShieldBot Security

ShieldAI is a security tool. We collect only what is strictly necessary to analyse transactions in real time. We do not sell data, build profiles, or track users across the web.

1. Who We Are

ShieldAI Transaction Firewall is a Chrome browser extension developed by ShieldBot Security. The extension analyses blockchain transactions before they are signed to protect users from scams, phishing sites, and malicious contracts.

For questions about this policy, contact us at: support@shieldbotsecurity.online

2. What Data the Extension Collects

When you interact with a Web3 DApp and your wallet triggers a transaction, the extension sends the following transaction parameters to our risk analysis API:

to — the recipient contract or wallet address
from — your wallet address
value — the amount of native token (e.g. BNB) being sent
data — the encoded calldata (function call and arguments)
chainId — the blockchain network identifier
typedData — EIP-712 structured data, if applicable (e.g. Permit2 signatures)

This data is the minimum required to perform a meaningful security analysis. No other data is collected.

3. What Data Is Stored Locally

The extension stores the following data in your browser's local storage (chrome.storage.local), which never leaves your device unless described otherwise:

Your API endpoint setting (default: api.shieldbotsecurity.online)
Firewall enabled/disabled state
Policy mode (Balanced or Strict)
The last 50 transaction scan results for the history view
The wallet address you enter in the Wallet Health scanner

4. How We Use Transaction Data

Transaction data sent to our API is used exclusively to:

Compute a risk score and classification (SAFE, CAUTION, HIGH RISK, BLOCK)
Return a verdict to the extension before you sign the transaction
Improve detection accuracy through aggregated, anonymised analysis

Transaction data is not linked to any personal identity, browser profile, or IP address in our systems. We do not store wallet addresses as user identifiers.

5. Phishing Detection

When you visit a website, the extension sends the page URL to our API to check it against phishing and threat intelligence databases. This check is cached for one hour to minimise requests. The URL is used only for the reputation check and is not stored or logged on our servers.

6. Data Sharing

We do not sell, rent, or share your data with third parties for advertising or marketing purposes. To perform security analysis, we query the following external services:

GoPlus Security — phishing URL and token risk data
Tenderly — transaction simulation for asset delta preview
Token Sniffer — bytecode fingerprinting for unverified contracts

These services receive only the minimum data necessary for their function (e.g. a contract address or URL). They are governed by their own privacy policies.

7. Data Retention

Transaction data submitted for analysis is retained on our servers for a maximum of 30 days for debugging and accuracy monitoring, after which it is deleted. Aggregated, non-identifiable statistics may be retained indefinitely.

Locally stored data (history, settings) remains on your device until you uninstall the extension or clear it manually.

8. Security

All data transmitted between the extension and our API is encrypted in transit using HTTPS/TLS. Our API servers are access-controlled and not publicly writable.

9. Children's Privacy

ShieldAI is not directed at children under 13 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this policy as the product evolves. The "Last updated" date at the top of this page will reflect any changes. Continued use of the extension after changes constitutes acceptance of the updated policy.

11. Contact

If you have questions, concerns, or requests related to your data, contact us at:
support@shieldbotsecurity.online

Response time: within 48 hours.