Privacy Policy — SOQL Query Tool

Last updated: June 17, 2026

SOQL Query Tool ("the extension") is a browser extension that lets you run SOQL queries against a Salesforce org you are already logged into, directly from your browser. This policy explains exactly what data the extension accesses, how it is used, and — most importantly — what it does not do.

What data the extension accesses

• Salesforce session cookie (sid): When you open the extension, it reads the session cookie of your currently logged-in Salesforce tab. This is the same session your browser already uses to keep you logged into Salesforce — the extension does not create a separate login or ask for your username/password.
• Browser tab URLs: The extension checks open tabs to find one pointing to a Salesforce domain (*.salesforce.com or *.force.com), so it knows which org to connect to. It does not read or store the content of unrelated tabs.
• Query text and history: The SOQL queries you run are stored locally in your browser (via chrome.storage.local) so your query history and last-used query persist between sessions.
• Salesforce record data: Query results (the records returned by your SOQL) are displayed in the extension's window and held only in memory for the current session, unless you explicitly export them to a CSV file you choose to save.

How this data is used

All of the data above is used for exactly one purpose: letting you query, view, export, and (if you choose) delete Salesforce records in your own org, using your existing login session. Nothing is used for analytics, advertising, profiling, or any purpose unrelated to the core function of running SOQL queries.

What the extension does NOT do

• It does not send your session cookie, query text, or Salesforce data to any server other than your own Salesforce org's official API domain (*.my.salesforce.com / *.salesforce.com).
• It does not use any third-party analytics, tracking pixels, or remote logging services.
• It does not transmit data to the extension developer or any other party. The developer has no server and receives no data from your usage.
• It does not store your Salesforce data outside your own browser.

Where data is stored

Query history and your last-used query are stored locally using the browser's chrome.storage.local API. This data stays on your device and is only accessible to this extension. It is never synced to a remote server, and is removed if you uninstall the extension or clear extension data from Chrome's settings.

Permissions and why they are needed

• cookies — to read your existing Salesforce session so the extension can call the Salesforce REST API on your behalf, without asking you to log in again.
• tabs / activeTab — to detect which open browser tab is a Salesforce org, so the extension knows which org to connect to.
• storage — to save your query history and cached object/field metadata locally, improving autocomplete performance.
• windows — to open the tool's interface as a standalone window instead of an auto-closing popup.
• host_permissions (*.salesforce.com, *.force.com) — to call the Salesforce REST API directly from your browser without being blocked by cross-origin restrictions.

Destructive actions (record deletion)

The extension allows you to delete selected Salesforce records. This action calls the official Salesforce REST API directly using your own session and permissions — the same permissions you already have in Salesforce. A confirmation dialog is always shown before any deletion is executed. The extension developer has no ability to initiate, intercept, or reverse these actions.

Changes to this policy

If the extension's data handling changes in the future, this page will be updated and the "Last updated" date above will reflect the change.

Contact

For questions about this privacy policy, please use the support contact listed on the extension's Chrome Web Store listing page.