Complete digital intelligence across thousands of platforms. Trusted by professional investigators.
UserSearch Forensic Capture
Last updated: 9 July 2026
In one sentence: your captured evidence never leaves your machine — the only things the extension sends are the sign-in tokens for your free account and, if you enable timestamping, anonymous cryptographic hashes to timestamp authorities.
This policy explains, in plain language, exactly what UserSearch Forensic Capture (the "extension") does with data. We wrote it to be checkable: everything below is enforced in the extension's code, every outbound network request the extension ever makes is routed through a single audited module, and the extension keeps a local log of every request it sends that you can inspect yourself on the options page.
UserSearch Forensic Capture is a free browser extension for capturing web pages as evidence: full-page screenshots, a rendered-DOM snapshot of the page as displayed, the raw HTTP response body, optional MHTML, optional screen-recorded video, and PDF reports. Every captured artifact is hashed with SHA-256 on your device, sealed into a tamper-evident manifest, and (if you enable timestamping) anchored to independent timestamp authorities so you can later prove the evidence existed at a point in time — without the evidence itself ever being transmitted anywhere.
All capture, hashing, report generation, video recording, and verification happen entirely on your device, inside your browser. No companion cloud service and no server of ours ever receives your evidence. Creating new captures does require a free UserSearch account — a verified email address, with no name and no payment — used only to confirm you have a valid account; viewing, verifying, and exporting captures you have already made works without signing in. Section 3.1 sets out exactly what the sign-in transmits, and what your account email is used for.
Everything the extension stores lives locally in your browser profile on your device:
None of this is transmitted to us or to anyone else. The extension asks the browser for persistent storage and holds the unlimitedStorage permission solely so the browser does not silently evict your evidence; that permission grants no network capability and no access to other sites' data.
The operator identity you enter at first run (name, organization, optional contact — used to attribute captures and reports) is stored locally, appears only in the evidence records and reports you generate and export, and is never transmitted by the extension.
The extension can contact only two kinds of destination: the UserSearch account service, to sign you in and confirm your account (opaque tokens only — never your evidence); and the timestamp authorities, to which it sends only anonymous cryptographic hashes. There are no others, and no feature — hidden or otherwise — ever sends your captured evidence, page content, or browsing history anywhere. All outbound requests are funneled through one choke-point module with a hardcoded allowlist of exact origins; a request to anything else fails, and every request is logged locally before any bytes leave your machine.
https://usersearch.ai (sign-in and licence checks). All timestamp traffic below is additionally gated behind a runtime permission prompt: even with timestamping switched on, the extension cannot contact these endpoints until you grant the browser's optional host permission for exactly these named hosts.
http://timestamp.digicert.com (primary), http://timestamp.sectigo.com (fallback). You can change these to any TSA you choose on the options page; a TSA you configure is admitted for timestamp queries only. https://a.pool.opentimestamps.orghttps://b.pool.opentimestamps.orghttps://alice.btc.calendar.opentimestamps.orghttps://bob.btc.calendar.opentimestamps.orghttps://finney.calendar.eternitywall.com There is no other endpoint. The extension contains no search, lookup, or enrichment feature that contacts any third party — inspection of captured evidence (EXIF, identifiers, text extraction) runs entirely on your device. The extension loads no remote scripts, fonts, stylesheets, images, or update feeds; all of its code and assets ship inside the extension package. (During a capture, the page you are capturing may load its own resources as part of normal browsing — that is the website's activity, not a transmission by us.) The extension's UI contains ordinary links to usersearch.com; clicking one simply opens a normal browser tab — the extension itself sends nothing when it displays them.
The extension's use of information received from Google APIs adheres to the Chrome Web Store User Data Policy, including its Limited Use requirements.
Specifically: any data the extension handles is used solely to provide the user-facing forensic-capture features described in this policy and visible in the extension's interface; it is not sold or transferred to third parties; the only data that leaves the device is the account sign-in tokens sent to the UserSearch account service and, if you enable timestamping, the anonymous cryptographic hashes sent to the timestamp services (both enumerated in section 3), plus exports you initiate; it is not used for advertising, creditworthiness, or lending purposes; and no humans at UserSearch read your evidence — it never leaves your device.
All data the extension stores lives in your browser's local storage and remains there until you remove it. By design, the extension's interface does not delete sealed evidence or contemporaneous notes (an anti-tampering safeguard); it can reclaim derived data such as extracted text (Options → Storage). To remove everything, clear the extension's site data or uninstall the extension (uninstalling deletes its local storage). Files you exported to disk are ordinary files under your control. We retain none of your evidence, because we hold none of it. (Your UserSearch account and email are held by the account service and are governed by the UserSearch website Privacy Policy; you can delete your account there.)
One consequence worth stating plainly: because there is no cloud copy, we cannot recover your evidence if your device or browser profile is lost. Export and back up anything you need to keep.
If we change this policy, we will update it at its published location with a new "last updated" date. Because the extension makes no network requests except those listed above, a policy change can never retroactively grant it new data access — any new endpoint or permission would require a new extension version and, where applicable, a new browser permission prompt to you.
Questions about this policy or the extension's data handling: