Onion VPN is designed from the ground up to collect as little data as possible. Here is the complete picture:
chrome.storage.local. Never transmitted to us or any third party.
chrome.storage.local. Never transmitted to us or any third party.
Onion VPN acts as a bridge between your browser and a self-hosted (or user-selected) gateway server capable of resolving .onion addresses and routing Tor-network traffic.
When you activate the proxy, outbound requests from the extension's browser tab are forwarded to the gateway URL you configured. The extension does not inspect, store, or relay the content of those requests beyond what is necessary to establish the connection.
Your gateway URL and API key are read from local Chrome storage at runtime and used solely to authenticate with your server. They are never sent anywhere else.
The extension makes no connections to any service owned or operated by the Onion VPN developer.
The only external network connection the extension ever initiates is to the gateway server URL that you provide in the settings. You are responsible for reviewing the privacy practices of that server's operator.
We do not use advertising networks, affiliate trackers, analytics platforms, crash reporting services, or any other third-party SDK.
Onion VPN requests the minimum Chrome permissions required to function:
storage
Saves your gateway URL and API key locally in chrome.storage.local so settings persist between browser sessions. Data never leaves your device via this API.
tabs
Used to open the proxy browser tab that routes your traffic. This permission does not grant access to your browsing history or the content of other open tabs.
The Onion VPN developer retains no data whatsoever. There are no servers on our side that store user information.
Your local settings (gateway URL and API key) persist in chrome.storage.local until you either:
Your API key and gateway settings are stored using Chrome's built-in storage.local API, which is sandboxed to this extension and inaccessible to web pages or other extensions.
We recommend using HTTPS for your gateway server endpoint and rotating your API key periodically if you share the server with others.
Because the extension relays traffic to a server you control, the security of that connection depends on your gateway server's configuration. We are not liable for vulnerabilities in third-party gateway software or misconfigured servers.
Onion VPN is not directed to, and should not be used by, children under the age of 13. We do not knowingly collect any data from children.
If we make material changes to this policy, we will update the "Last updated" date at the top of this page and, where appropriate, provide notice through the Chrome Web Store listing or the extension itself.
Continued use of the extension after any changes constitutes acceptance of the updated policy.
Questions or concerns about this privacy policy? Reach out: