Privacy Policy - Email Alias Manager (Free)
Last updated: April 18, 2026
This privacy policy applies to the Email Alias Manager (Free) browser extension, distributed for both Mozilla Firefox and Google Chrome. The two distributions share the same source code and data-handling behavior; any differences are limited to browser-specific APIs required to run on each platform.
The extension is designed with a privacy-first approach. It processes only the data required to create and manage email aliases on the user's own Haltman.io Mail Forwarding account. It does not include analytics, telemetry, behavioral profiling, ads, affiliate codes, or any form of third-party data sharing.
Single Purpose
The extension has a single, narrow purpose: to let the user view, create, and delete email aliases on their own Haltman.io Mail Forwarding account through the browser.
Data Handled by the Extension
Stored locally on the user's device
The extension writes the following keys to browser.storage.local (Firefox) / chrome.storage.local (Chrome). Nothing is written anywhere else, and nothing is synced to any cloud account.
- API credentials
  - apiKey — the user's Haltman.io API key (stored in plaintext only when the password lock is disabled).
  - apiKeyEncPayload and locked — when the password lock is enabled, the API key is encrypted at rest using PBKDF2 (SHA-256) for key derivation and AES-256-GCM for encryption. The user's password is never stored, transmitted, or logged.
- Alias / domain preferences
  - domainsCache, defaultDomain, lastDomain, hasSelectedDomain, favoriteDomains.
- UI preferences
  - uiMode, handleStyle, skipDeleteConfirm.
- Overlay controls (user-defined)
  - overlayEnabled, overlayMode, overlaySites. overlaySites contains user-defined rules such as host:example.com, file://…, or special browser-page keys. These rules never leave the device.
Handled in memory only
When the password lock is enabled and unlocked, the decrypted API key lives only in the background script's session memory for the duration of the browser session. It is discarded on lock, on browser restart, or when the session is closed.
Not stored and not transmitted
The extension does not store, collect, or transmit any of the following:
- Browsing history or tab activity.
- Page content, DOM snapshots, or screenshots.
- The existing value of email input fields before the user explicitly triggers an action.
- Cookies, credentials, form data, or keystrokes from any site.
- Analytics, telemetry, or crash reports.
Network Transmission
The extension communicates only with a single endpoint:
https://mail.haltman.io
All traffic is sent over HTTPS (TLS). API keys are sent exclusively in the X-API-Key request header, never in URLs or query strings, to avoid accidental disclosure in server logs or browser history.
Endpoints used by the current version:
- GET /api/domains — list available alias domains.
- GET /api/alias/list — list the user's aliases (also used with limit=1 to verify that a key is valid before saving it).
- POST /api/alias/create — create a new alias.
- POST /api/alias/delete — delete an alias.
- POST /api/credentials/create — request a new API key by email (anti-abuse confirmation flow).
Depending on user actions, the fields actually transmitted can include:
- The API key, in the X-API-Key request header, for authenticated alias operations.
- alias_handle, alias_domain, or alias (the local part, domain, or full email address) when creating or deleting aliases.
- email and days when requesting a new API key through the onboarding form.
No other field, host, or third-party service receives any data from the extension.
Use of Browser Permissions
Each permission requested by the extension is used strictly for the single purpose above:
- storage — to persist the API key, domain cache, and user preferences listed above.
- contextMenus — to add a "Generate random alias" item under an "Email Alias Manager" right-click menu.
- activeTab — to act on the tab the user is currently interacting with (for example, to write the generated alias to that tab's clipboard).
- scripting (Chrome only) — to inject a small, clearly-scoped script into the active tab that writes the generated alias to the clipboard. Used only in response to an explicit user action.
- notifications — to display status notifications when an alias is created or copied.
- clipboardWrite — to copy generated aliases to the clipboard after explicit user actions.
- Host permission https://mail.haltman.io/* — the extension's only backend; required to call the API described above.
- Content script on <all_urls> — to render, only locally and only next to input[type="email"] elements, the optional helper UI. The content script never transmits field values, page content, or page URLs to the backend.
The extension does not request tabs, cookies, webRequest, webNavigation, history, bookmarks, downloads, or any broad-host permission beyond mail.haltman.io.
Local Page Processing
To decide whether to render the optional helper UI on a given page, the extension may read the current page's URL or hostname locally in the browser (for allowlist / denylist checks against user-defined rules). This check is purely local — the URL and hostname are never sent to Haltman.io or any third party.
Clipboard and User Actions
Clipboard writes happen only after explicit user action:
- clicking a button in the popup,
- clicking the in-page helper,
- or using the right-click context menu.
Visible feedback is provided (notification, toast, or in-popup status) whenever possible.
Data Sharing and Third Parties
- The extension does not sell user data.
- The extension does not share user data with third parties.
- The extension does not transfer user data for any purpose unrelated to its single purpose.
- The extension does not use user data to determine creditworthiness or for any lending purpose.
- There are no third-party analytics SDKs, tracking pixels, advertising networks, or affiliate programs in the extension.
Security
- All network requests use HTTPS (TLS).
- When the password lock is enabled, the API key is encrypted at rest with PBKDF2 + AES-256-GCM; the password itself is never persisted.
- The API key is never written to request URLs, query strings, referrers, or logs.
- The source code is open and auditable; see the "Transparency and Source Code" section below.
User Control
- The user can change or remove the API key at any time from the extension's Options page.
- The user can enable or disable the password lock, and can "Lock now" to wipe the decrypted key from memory.
- The "Disconnect" action in Options removes all locally-stored extension data on the current device. Aliases that already exist on the user's Haltman.io account are not affected by disconnecting — they remain managed from the Haltman.io dashboard.
- The user can fully disable the in-page helper, or restrict it to an allowlist or denylist of sites, from the Options page.
Abuse Prevention
Haltman.io does not tolerate abuse of its services. Attempts to misuse or exploit the infrastructure may result in:
- neutralization of abusive actions,
- suspension or revocation of API access,
- additional technical or administrative countermeasures as required by the operator.
The backend service (mail.haltman.io) may be monitored for abuse prevention and infrastructure protection. The browser extension itself does not perform this monitoring and does not transmit any data for monitoring purposes beyond the API calls described above.
Transparency and Source Code
This project is open source and auditable. Source code and technical documentation are available via the links in the extension's store listing and support channels.
Changes to This Policy
If this policy changes in a material way, the "Last updated" date above will change, and the updated policy will be published at the same URL referenced from the extension's store listing.
Contact
For questions, concerns, or reports:
- General: root@haltman.io AND members@proton.thc.org
- Privacy: root@haltman.io AND members@proton.thc.org
- Abuse reports: root@haltman.io AND members@proton.thc.org
By installing or using this extension, you agree to this privacy policy.