Security & Data Protection Overview

For IT, security, and procurement teams reviewing CopyDock.app, this page explains how the extension handles data, storage, and permissions. It’s designed to help you quickly assess risk, understand what stays local on the device, and confirm whether CopyDock.app meets your security requirements.

How to explain CopyDock.app to security teams

If you need a short, simple description, you can say:

"CopyDock.app is a local-only browser extension for storing and pasting pre-approved text. It does not use any external servers, does not send customer data off the device, and relies on the browser's own encrypted storage and sandbox. It is signed and approved by the Chrome, Microsoft Edge, and Firefox extension stores."

When you review a new browser extension, you want clear answers about data flow, storage, and risk. This page summarizes how CopyDock.app works so you can evaluate it quickly and confidently.

High-level overview

CopyDock.app is a browser extension that lets agents paste pre-approved text with one click. All content is stored locally in the browser's encrypted extension storage. There are no external servers, no background APIs, and no hidden data flows.

Data flow summary

CopyDock.app follows a simple, local-only model:

No data leaves the user’s device.
No cloud servers, no syncing, and no remote APIs.
No analytics, no telemetry, and no tracking.
All button content is stored inside the browser's extension storage.
Export is manual only and fully user-initiated.

What CopyDock never does

This is often the fastest way to answer security questionnaires:

Does not send snippets or customer data to third-party servers.
Does not read user content.
Does not log keystrokes or monitor typing.
Does not inject remote JavaScript or load external code at runtime.
Does not use cookies or track browsing history.
Does not modify network requests or proxy traffic.
Does not run background network calls.

Encryption and storage

CopyDock.app relies on the browser's own secure keychain for storage encryption:

Windows: DPAPI
macOS: Keychain
Linux: GNOME Keyring (where supported by the browser)

The extension never implements its own custom cryptography. Encryption is handled entirely by Chrome, Microsoft Edge, or Firefox according to their platform standards.

Extension sandbox architecture

CopyDock.app runs inside the standard browser extension sandbox:

It cannot access local files or system resources.
CopyDock never reads user content. It only pastes what the user explicitly copies.
It cannot escape the browser environment.

The extension focuses only on storing text and inserting it when the user clicks a button.

Permissions used and why

CopyDock.app is designed to request minimal permissions:

storage — to save and load buttons inside the browser's encrypted extension storage.

No broad host permissions, no full-domain wildcards, and no remote code execution permissions are required.

Verification and signing

CopyDock.app is cryptographically signed and approved by Chrome Web Store, Microsoft Edge Add-ons Store, and Firefox Add-ons — meaning your team installs a fully verified, trusted extension.

Each store performs its own automated checks, malware scanning, and policy review before approving the extension. Updates are also reviewed and must pass store checks before they are published.

Enterprise deployment options

Enterprises can deploy CopyDock.app in several ways:

Install directly from Chrome Web Store, Microsoft Edge Add-ons Store, or Firefox Add-ons.
Use enterprise policies to push-install the extension to managed browsers.
Use locally packaged ZIP installation where allowed, for restricted or semi-offline environments.
No external services or extra infrastructure are required.