Security
Testing Taxi requires “All Sites” permission due to Chrome’s API. However, we only activate on sites that you have explicitly whitelisted through the sidebar. We don’t touch the page unless you give us permission.
How it works
When you open Testing Taxi via the context menu (right click) or in the sidebar, your page isn’t touched by default.
Local Checks Only for Whitelist:
Your URL stays local and we compare the domain against the list of domains you’ve explicitly allowed. Your URLs are never sent to our server for analysis unless you’ve given permission for that domain.- Opt-in Security Model:
We ask for your permission before touching any new domain. The screen looks like this. If you don’t press that blue button, your page will not be touched.
- Only When Active:
Testing Taxi doesn’t operate in the background. Keyboard shortcuts, context menu actions and sidebar windows are all managed by Chrome. The only time we’re active is when you’ve given domain permission and you see the Testing Taxi sidebar, or trigger the keyboard shortcut. During those active times, on allowed domains, we send page content to the server for analysis.
Your Data and Testing Taxi
Any page data that travels to our servers for analysis is protected by industry standard encryption and security methods. We conduct regular audits of our security methods and data practises.
At any time, you may request that your data be purged from our system. Please provide your account email address and send your request to to nate [at] testingtaxi.com.
Questions?
Please get in touch: nate [at] testingtaxi.com
