Privacy policy
ColdStamp exists to help you keep your own honest record of online checkouts. It would be hypocritical to do that while collecting your data. This policy explains, in plain language, exactly what ColdStamp does and does not do with information about you.
Short version
- Everything ColdStamp captures stays on your device.
- No data is transmitted to ColdStamp or any third party.
- No account, no login, no email collected.
- You can delete everything from the extension popup at any time.
- You must be 18 or older to use ColdStamp.
If you are looking for a single sentence: ColdStamp is a local-only tool; we do not have your data because we have not collected it.
1. Who we are
ColdStamp is operated by Anton Efremov, based in Melbourne, Australia. For privacy enquiries, contact privacy@coldstamp.app.
We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). We do not rely on the small-business exemption.
2. What ColdStamp does
ColdStamp is a Chrome browser extension with two functions:
- Preventative detection. On checkout-like pages it reads the DOM (the page's content) and looks for patterns associated with hidden subscription charges, pre-ticked add-ons, buried renewal terms, mismatched totals, and guilt-trip decline buttons. When it finds one, it shows a small panel in the corner of the page describing the issue.
- Evidence capture. When you click a primary checkout button (e.g. Subscribe, Start free trial, Place order), ColdStamp snapshots the state of the page — which boxes were ticked, what prices were visible, what payment request the page sent — and stores that snapshot locally on your device. This function is OFF by default and only runs after you actively turn it on.
3. What information ColdStamp handles
Stored locally on your device only:
- The URL and title of checkout pages you complete.
- A snapshot of form fields and checkboxes on the page (with sensitive values redacted — see §4).
- A timestamped log of your clicks, focus, and scroll events on the page.
- The amount, currency, and recurring schedule of payment requests the page sent, parsed from the request payload.
- A SHA-256 hash of the original payment request body (not the body itself).
- A screenshot of the visible part of the page at the moment you clicked.
- Your consent settings and preferences.
These records sit in your browser's local storage (IndexedDB) and are accessible only to ColdStamp running in your browser. They are not transmitted to us or anyone else.
Not collected, ever:
- Your name, email, phone number, or postal address.
- Your card number, CVV, or expiry. These are redacted before any storage and never written to the snapshot.
- Your banking or financial account credentials.
- Your browsing history outside checkout pages.
- Your IP address, device fingerprint, or any persistent identifier we generated about you. (See §8 on device identifiers.)
4. How we redact sensitive data
Before any form field is written to storage, ColdStamp checks whether it matches a sensitive pattern: an HTML autocomplete attribute of cc-number, cc-csc, cc-exp, or email; a field name or id containing "card", "cvv", "cvc", or "csc"; or a value that matches a card-shaped digit sequence or an email regex. Any such value is replaced with [REDACTED] at capture time. The unredacted value is never written to storage.
Payment request bodies are never stored. Only a SHA-256 hash of the body is retained, along with the parsed amount/currency/recurring fields.
Redaction is defensive, not formally audited. If you spot something we miss, please tell us via the contact address above.
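The three-part rule in this section, written out as an added illustration (this is not ColdStamp's own code). It assumes form fields have already been read off the DOM into plain objects with name, id, type, autocomplete, value and checked properties; the "card-shaped" regex (13 to 19 digits with optional spaces or dashes) and the email regex are assumptions, since the policy does not state the exact patterns.

```javascript
// Added example of a capture-time redaction rule, not ColdStamp's code.
const SENSITIVE_AUTOCOMPLETE = new Set(["cc-number", "cc-csc", "cc-exp", "email"]);
const SENSITIVE_NAME_FRAGMENTS = ["card", "cvv", "cvc", "csc"];
// Assumed "card-shaped" pattern: 13 to 19 digits, groups optionally separated.
const CARD_SHAPED = /^(?:\d[ -]?){12,18}\d$/;
// Assumed email pattern: deliberately loose, because over-redacting is the safe direction.
const EMAIL_SHAPED = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
const REDACTED = "[REDACTED]";

// Returns true when any of the three checks from the policy fires.
function isSensitiveField(field) {
  const autocomplete = String(field.autocomplete || "").toLowerCase();
  if (SENSITIVE_AUTOCOMPLETE.has(autocomplete)) return true;
  const label = `${field.name || ""} ${field.id || ""}`.toLowerCase();
  if (SENSITIVE_NAME_FRAGMENTS.some((frag) => label.includes(frag))) return true;
  const value = String(field.value ?? "").trim();
  return CARD_SHAPED.test(value) || EMAIL_SHAPED.test(value);
}

// Builds the snapshot entries; sensitive values are replaced before anything
// is handed to storage, so the raw value never leaves this function.
function redactFields(fields) {
  return fields.map((f) => ({
    name: f.name,
    id: f.id,
    type: f.type,
    checked: f.checked,
    value: isSensitiveField(f) ? REDACTED : f.value,
  }));
}

// Constructed sample resembling what a checkout form might contain.
const SAMPLE_FIELDS = [
  { name: "cardnumber", id: "cc-num", type: "text", autocomplete: "cc-number", value: "4111 1111 1111 1111" },
  { name: "cvv2", id: "f2", type: "text", autocomplete: "", value: "123" },
  { name: "contact", id: "f3", type: "text", autocomplete: "", value: "jane@example.com" },
  { name: "promo", id: "f4", type: "text", autocomplete: "off", value: "SAVE10" },
  { name: "addon_insurance", id: "f5", type: "checkbox", autocomplete: "", value: "on", checked: true },
  { name: "postcode", id: "f6", type: "text", autocomplete: "postal-code", value: "3000" },
];

function demo() {
  return redactFields(SAMPLE_FIELDS);
}
```

Substring matching on name/id over-redacts (a field called "discount_card" would be blanked too), which is the acceptable failure direction for a local evidence record.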
5. What data we transmit
At this version of ColdStamp (v0.2), the answer is none. Nothing is sent from your browser to any ColdStamp server. There is no ColdStamp server in the current release.
Future versions may offer optional features that require server interaction (for example, an independent timestamp anchor or an encrypted backup). Each such feature will have its own separate, opt-in consent toggle. We will not retroactively use existing data for new purposes without asking you again.
6. Your consent
When you first install ColdStamp you are asked to confirm you are 18 or older and to opt into the evidence-capture feature. All consent toggles default to OFF.
Your consent must be voluntary, informed, current, specific, and unambiguous. You can withdraw any consent at any time from the extension settings; withdrawing will stop the relevant feature from running going forward.
The preventative-detection panel is read-only and runs without storing anything about you, so it operates regardless of consent state. If you want to turn it off entirely, uninstall the extension or disable it in your browser's extensions page.
7. Children
ColdStamp is not intended for use by anyone under 18. We do not knowingly accept users under 18. If you believe a child has installed ColdStamp, please uninstall it from their browser.
8. Device identifiers
Under Australian Privacy Principle guidance, device identifiers can constitute personal information. ColdStamp does not generate or store any persistent identifier about you or your device. The local storage of bundles is keyed by random UUIDs that are generated per record and are not linked to you.
9. Automated decision-making (disclosure)
At this version, ColdStamp's detectors are deterministic rule-based classifiers running on-device. They flag patterns; they do not make any decision about you. The output (a panel) is informational only.
Future versions may use more sophisticated classification, including machine learning, to identify dark patterns. If we introduce such features, we will:
- Disclose the logic and consequences of the classification in this policy.
- Make the feature explicitly opt-in.
- Run the classification on your device whenever technically possible.
- Provide a way to see what the classifier said and why.
No such classifier exists in the current release. This section is here in advance so the disclosure is part of the policy from day one.
10. Data retention and deletion
You control retention. Bundles stay in your browser until you delete them. From the extension popup you can:
- Delete an individual bundle.
- Delete all bundles.
Uninstalling the extension removes all of its local storage. There is nothing held server-side for us to delete on your behalf, because nothing is held server-side.
11. Your rights
Under the Australian Privacy Principles you have rights of access to and correction of personal information held about you. Because ColdStamp holds no personal information about you on any server, in practice these rights are exercised by you directly: you can export, view, or delete any local bundle from the extension popup at any time.
If you have a privacy complaint, please contact us first at privacy@coldstamp.app. If we do not resolve it to your satisfaction, you can contact the Office of the Australian Information Commissioner (oaic.gov.au).
12. Open source
ColdStamp's extension source code is open and auditable. You can read the redaction, storage, and detection logic for yourself. The repository link will be published here once the public release ships.
13. Changes to this policy
If we change this policy, we will update the version number and effective date at the top of the page. We will surface material changes in the extension itself the next time you open it, so you don't have to come back here to check.