← Back to blog
Privacy June 30, 2026

Zero Data Collection: Not Just a Promise, an Architecture

“We don’t collect your data” is easy to say. Every privacy extension says it. What makes the claim meaningful is architecture, not marketing.

The standard privacy extension architecture

Most privacy extensions phone home. Even the good ones:

  • Usage analytics: How many trackers blocked, which sites visited (anonymized)
  • Crash reporting: Error logs sent to the developer
  • Feature flags: Server checks to enable/disable features
  • Update checks: Server knows when you’re active
  • Subscription management: Server knows your account, device, and usage patterns

Each of these is justified individually. Collectively, they create a profile of your browsing behavior in the developer’s database.

The Symvek Shield architecture

Shield makes zero server calls. Here’s what that means concretely:

Tracker blocking: 22,842 domains from EasyList/EasyPrivacy are bundled in the extension. The list updates when the extension updates via the Chrome Web Store. No server checks.

Cookie consent: 100+ CMP selectors are hardcoded in the extension. Auto-reject happens in your browser. No server interaction.

Privacy scoring: The scoring engine runs locally. Your scores are stored in chrome.storage.local. Never transmitted.

Fingerprint protection: Canvas, WebGL, audio, and font randomization happens at the browser API level. No external calls.

URL parameter stripping: Tracking parameters removed before page load. Local regex matching.

Premium features: License key validation happens locally against a hash. The only server call in the entire extension is when you first activate a premium key, and that call only verifies the key, not what you’re browsing.

Why this matters

When you install a privacy extension, you’re trusting it with access to every page you visit. That’s the most sensitive data on your device.

An extension that collects “anonymous analytics” still knows the shape of your browsing: when you’re active, how many pages you visit, which categories of sites trigger the most blocking. Combined with your IP address (which the analytics server sees), this data is meaningful.

We chose to make Shield architecturally incapable of collecting this data. Not “we choose not to” but “we can’t because the code doesn’t exist.”

How to verify

Shield is a Chrome extension. You can:

  1. Monitor network requests (DevTools > Network) and confirm zero outbound calls
  2. Read the source code (it’s not obfuscated)
  3. Run it with network disabled and confirm everything works offline
  4. Check chrome.storage.local to see exactly what’s stored

Our privacy claims are auditable, not marketing promises.

Try Shield when it launches on the Chrome Web Store.