FLS Audit Manager for Salesforce
Last updated: April 2026
Author: Gaurav Kumar
Summary: This extension does not collect, store, transmit, or share any of your data. Everything stays in your browser and your Salesforce org.
1. What This Extension Does
FLS Audit Manager is a Chrome extension that helps Salesforce administrators audit and manage Field-Level Security (FLS) across profiles directly from their browser. It connects to your Salesforce org using your existing authenticated session.
2. Data We Do NOT Collect
We do not collect any personal information.
We do not transmit any Salesforce data to external servers.
We do not store your Salesforce session token beyond your browser session.
We do not use analytics, tracking, or advertising of any kind.
We do not share any information with third parties.
3. How the Extension Works
The extension reads your active Salesforce session from your browser tab (the same session you use to log in to Salesforce). It uses this session to make direct API calls from your browser to your Salesforce org. All data flows directly between your browser and your Salesforce org — no intermediary servers are involved.
4. Permissions Explained
activeTab / tabs / scripting: Required to detect your open Salesforce tab and extract the active session. Without this the extension cannot connect to your org.
storage: Used only to temporarily cache your Salesforce session within your browser session (cleared when you close Chrome). Also used to save your field exclusion list locally on your device.
cookies: Used as a fallback method to read the Salesforce session cookie from your browser. This data never leaves your device.
host_permissions (*.salesforce.com etc.): Required to make API calls to your Salesforce org directly from the browser.
5. Data Storage
The only data stored locally on your device is:
Your Salesforce session (temporary, cleared on browser close — uses chrome.storage.session)
Your custom field exclusion list (stored locally using chrome.storage.local, never transmitted anywhere)
6. No External Servers
This extension has no backend server, no database, and no cloud infrastructure. It is a pure client-side browser extension. Your Salesforce credentials and org data never leave your browser.
7. Children's Privacy
This extension is intended for professional Salesforce administrators and is not directed at children under 13.
8. Changes to This Policy
If this privacy policy changes, the updated version will be published at this URL and the "Last updated" date will be revised.
9. Intellectual Property
This extension, including its code, design, and functionality, is the intellectual property of Gaurav Kumar.
Unauthorized copying, reproduction, modification, or distribution of this software, in whole or in part, is strictly prohibited.
10. Contact
For any questions about this privacy policy, contact: Gaurav Kumar
GitHub: github.com/rgaurav259