Extension security

Security you can
verify yourself.

A Chrome extension that touches Salesforce should make you suspicious. So here is exactly what Deplo can do, what leaves your browser, and how to check every claim on this page for yourself.

How the free tools work

The core tools need no Deplo account, no OAuth, and no connected app. They run on the Salesforce session already open in your browser tab: the extension calls your own org’s API as you, with your exact permissions, never a hidden service account.

For those free tools, nothing is shipped to a Deplo server to run them. Your queries, diffs, and results stay between your browser and your own Salesforce org. Only the optional Pro AI features (Explain, Investigate, formula help) send metadata to Deplo’s API, and only the moment you use them.

The four permissions, and why

Host access is limited to Salesforce domains and getdeplo.com. That’s the whole list.

cookies

Direct mode. Salesforce keeps its session ID in an HttpOnly cookie that page scripts can't read. The background worker reads it only to call your own org's API on your behalf; that's what makes the tools work with zero setup. It's read per request, used only for calls to that same org, never persisted, and never sent to Deplo's servers.

storage

Keeps your Deplo sign-in (for the optional Pro AI), a 1-hour cache of results so things render instantly on revisit, and the undo snapshots that back every write. Local to your browser.

contextMenus

Registers the right-click entry points: "Explain this component," "Reverse Trace this record," and the others.

unlimitedStorage

Lets the local undo snapshots for bulk operations grow past the small default quota, so a large CSV load is always one click from restored.

What that means in practice

Your session ID never reaches us

The Salesforce sid cookie is read per request to call your own org and is never persisted or sent to Deplo's servers.

Read-only by default

Read requests are limited to safe GET/HEAD calls. Anything that changes your org is a separate, clearly labeled mode you trigger.

Writes are vetted and reversible

The worker can only issue writes that match a fixed allowlist of known-safe shapes, they default to sandbox and developer orgs until you opt in for production, and every edit snapshots the prior values first, so you are one click from restored.

No remote code

Every line of JavaScript ships in the package (Manifest V3). Nothing is fetched and run at runtime, so what you audit is what runs.

What it deliberately does not do

  • No tabs, activeTab, or <all_urls> permission. Host access is limited to Salesforce domains and getdeplo.com, and the extension does nothing on any other page.
  • No remote code. All JavaScript ships inside the package (Manifest V3): no eval, no remotely hosted scripts, no WebAssembly fetched at runtime.
  • No analytics, no tracking, no ads, no browsing-history collection. Error reporting is opt-in and off by default, and is scrubbed of record IDs, URLs, and query text before it is ever sent.
  • No Salesforce credentials are ever collected. You sign in to Salesforce only on Salesforce’s own pages.

Don’t take our word for it

  • • Open your browser’s DevTools Network tab while you use a free tool. Every request goes to your own Salesforce domain, with zero calls to getdeplo.com.
  • • Unzip the extension package and read the source, or grep it. There’s no minified mystery bundle doing anything the manifest doesn’t declare, and no remote code to hide behind.
  • • Check the permission list on the store page against the four above: no tabs, no <all_urls>.

Where your data lives

Free tools: your browser only

Queries, diffs, usage stats, and bulk-edit results are computed against your own Salesforce session and never leave your browser. Undo snapshots are stored locally (that’s the storage permission). Nothing is sent to a Deplo server to run them.

Pro AI: the minimum, only when used

When you invoke an AI feature, only the relevant metadata (a formula, a flow, an access diff, not bulk record data) goes to Deplo’s API. Server-side we store your account, workspace, and AI-usage counts (for the monthly cap), never your Salesforce session. Processing runs on Anthropic’s Claude API under commercial terms: Anthropic does not train on it, and it’s retained only briefly for abuse monitoring, then deleted.

Subprocessors for the optional Pro features: Anthropic (AI), Supabase/Render (app + database), Stripe (billing). The web app uses privacy-respecting analytics; the extension itself ships zero analytics. Full list and retention terms in the privacy policy. Anthropic publishes its own SOC 2 Type II and ISO 27001 attestations at trust.anthropic.com.

What gets sent, feature by feature

The complete list. If a feature isn't here, it doesn't leave your browser.

FeatureWhat's sentWhere it goesWhat's stored
All free tools (SOQL, Compare Access, field & picklist usage, Record Peek, Data Ops, Dependency Explorer)Nothing. Requests go from your browser to your own org’s API.Your Salesforce org onlyUndo snapshots, saved queries, and history stay in your browser’s local storage.
Explain (flow, validation rule, Apex)That component’s definition plus relevant field namesDeplo’s API, then Anthropic’s Claude API (commercial terms, no training)Encrypted response cache for 1–7 days. Prompts are never stored.
AI SOQL builder & formula helperYour description plus the object’s field names and typesSame path as ExplainSame: encrypted cache, 1–7 days, no prompts.
InvestigateYour question plus a snapshot of the objects you name (fields, picklists, automation, recent errors)Same path as ExplainThe conversation, encrypted at rest, so you can resume it. Auto-deletes after 90 days of inactivity; delete any thread instantly.
Save-error diagnosisThe on-screen error text (Salesforce sometimes quotes a field value in it) plus the object’s active rulesSame path as ExplainEncrypted response cache, 1–7 days.
Crash reports (opt-in, off by default)Error message and extension-only stack trace, scrubbed of IDs, hostnames, URLs, emails, and query textSentryKept only for diagnosis, per the privacy policy.

What Deplo never collects: your Salesforce password or session, bulk record exports, browsing activity, or analytics from the extension. The per-feature detail above is restated formally in the privacy policy.

Compliance, honestly

What exists today: per-feature data-flow documentation (above and in the privacy policy), a subprocessor list with incident-response process, encryption at rest for stored AI content, a DPA on request, and a client you can audit directly, since the extension ships unminified with no remote code. Anthropic, the AI provider, publishes SOC 2 Type II and ISO 27001 at trust.anthropic.com.

What doesn't exist yet: Deplo itself has no SOC 2 audit. It's built and run by one person, and third-party audits are on the roadmap as the product grows: a standardized security questionnaire (now published), then an independent penetration test, then SOC 2. If your organization requires audited certifications for anything AI touches today, use the free tools (which never contact a server) and hold off on the AI tier. That's a reasonable bar, and we'd rather say so than oversell.

DPA and security questionnaire requests: security@getdeplo.com.

Questions admins ask

Does Deplo send my Salesforce data anywhere?

For the free tools, no. Your queries, diffs, and results stay between your browser and your own Salesforce org, and your Salesforce session cookie is never sent to Deplo's servers. Only the optional Pro AI features send metadata to Deplo's API, and only when you use them.

Do I need a Deplo account to use it?

No. Every core tool runs on the Salesforce session already open in your browser: no account, no OAuth, no connected app. A free Deplo account is only needed for the paid AI features.

What does the AI see, and does Anthropic train on it?

Only when you invoke a Pro AI feature, the relevant metadata (e.g. a formula, a flow definition, an access diff) is sent to Deplo's API and on to Anthropic's Claude API under commercial terms. Anthropic does not train on it; content is retained only briefly for abuse monitoring, then deleted. No Salesforce record data is sent in bulk.

What does Deplo itself store from AI calls, and can Deplo read it?

Prompts are never stored. AI responses are cached briefly (1–7 days) to keep repeat calls fast, and each cached response is encrypted with a key derived from the prompt itself plus a server-side secret. There is no way to browse the cache; a cached answer can only be opened by presenting the exact prompt that created it. Investigate conversations are saved so you can resume them: they're encrypted at rest, auto-delete after 90 days of inactivity, and can be deleted instantly from the Recent panel.

Can the extension change my org on its own?

No. It is read-only by default. Writes are a separate, clearly labeled mode you trigger, run under your own permissions, are limited to a fixed allowlist of known-safe shapes, default to sandbox and developer orgs until you opt in for production, and snapshot the prior values first so any change is one click from restored.

Found something, or have a question? Email security@getdeplo.com. Full details in the privacy policy.

Deplo is an independent tool and is not affiliated with, endorsed by, or sponsored by Salesforce, Inc.