A Chrome extension that touches Salesforce should make you suspicious. So here is exactly what Deplo can do, what leaves your browser, and how to check every claim on this page for yourself.
The core tools need no Deplo account, no OAuth, and no connected app. They run on the Salesforce session already open in your browser tab: the extension calls your own org’s API as you, with your exact permissions, never a hidden service account.
For those free tools, nothing is shipped to a Deplo server to run them. Your queries, diffs, and results stay between your browser and your own Salesforce org. Only the optional Pro AI features (Explain, Investigate, formula help) send metadata to Deplo’s API, and only the moment you use them.
Host access is limited to Salesforce domains and getdeplo.com. That’s the whole list.
cookiesDirect mode. Salesforce keeps its session ID in an HttpOnly cookie that page scripts can't read. The background worker reads it only to call your own org's API on your behalf; that's what makes the tools work with zero setup. It's read per request, used only for calls to that same org, never persisted, and never sent to Deplo's servers.
storageKeeps your Deplo sign-in (for the optional Pro AI), a 1-hour cache of results so things render instantly on revisit, and the undo snapshots that back every write. Local to your browser.
contextMenusRegisters the right-click entry points: "Explain this component," "Reverse Trace this record," and the others.
unlimitedStorageLets the local undo snapshots for bulk operations grow past the small default quota, so a large CSV load is always one click from restored.
The Salesforce sid cookie is read per request to call your own org and is never persisted or sent to Deplo's servers.
Read requests are limited to safe GET/HEAD calls. Anything that changes your org is a separate, clearly labeled mode you trigger.
The worker can only issue writes that match a fixed allowlist of known-safe shapes, they default to sandbox and developer orgs until you opt in for production, and every edit snapshots the prior values first, so you are one click from restored.
Every line of JavaScript ships in the package (Manifest V3). Nothing is fetched and run at runtime, so what you audit is what runs.
tabs, no <all_urls>.Queries, diffs, usage stats, and bulk-edit results are computed against your own Salesforce session and never leave your browser. Undo snapshots are stored locally (that’s the storage permission). Nothing is sent to a Deplo server to run them.
When you invoke an AI feature, only the relevant metadata (a formula, a flow, an access diff, not bulk record data) goes to Deplo’s API. Server-side we store your account, workspace, and AI-usage counts (for the monthly cap), never your Salesforce session. Processing runs on Anthropic’s Claude API under commercial terms: Anthropic does not train on it, and it’s retained only briefly for abuse monitoring, then deleted.
Subprocessors for the optional Pro features: Anthropic (AI), Supabase/Render (app + database), Stripe (billing). The web app uses privacy-respecting analytics; the extension itself ships zero analytics. Full list and retention terms in the privacy policy. Anthropic publishes its own SOC 2 Type II and ISO 27001 attestations at trust.anthropic.com.
The complete list. If a feature isn't here, it doesn't leave your browser.
| Feature | What's sent | Where it goes | What's stored |
|---|---|---|---|
| All free tools (SOQL, Compare Access, field & picklist usage, Record Peek, Data Ops, Dependency Explorer) | Nothing. Requests go from your browser to your own org’s API. | Your Salesforce org only | Undo snapshots, saved queries, and history stay in your browser’s local storage. |
| Explain (flow, validation rule, Apex) | That component’s definition plus relevant field names | Deplo’s API, then Anthropic’s Claude API (commercial terms, no training) | Encrypted response cache for 1–7 days. Prompts are never stored. |
| AI SOQL builder & formula helper | Your description plus the object’s field names and types | Same path as Explain | Same: encrypted cache, 1–7 days, no prompts. |
| Investigate | Your question plus a snapshot of the objects you name (fields, picklists, automation, recent errors) | Same path as Explain | The conversation, encrypted at rest, so you can resume it. Auto-deletes after 90 days of inactivity; delete any thread instantly. |
| Save-error diagnosis | The on-screen error text (Salesforce sometimes quotes a field value in it) plus the object’s active rules | Same path as Explain | Encrypted response cache, 1–7 days. |
| Crash reports (opt-in, off by default) | Error message and extension-only stack trace, scrubbed of IDs, hostnames, URLs, emails, and query text | Sentry | Kept only for diagnosis, per the privacy policy. |
What Deplo never collects: your Salesforce password or session, bulk record exports, browsing activity, or analytics from the extension. The per-feature detail above is restated formally in the privacy policy.
What exists today: per-feature data-flow documentation (above and in the privacy policy), a subprocessor list with incident-response process, encryption at rest for stored AI content, a DPA on request, and a client you can audit directly, since the extension ships unminified with no remote code. Anthropic, the AI provider, publishes SOC 2 Type II and ISO 27001 at trust.anthropic.com.
What doesn't exist yet: Deplo itself has no SOC 2 audit. It's built and run by one person, and third-party audits are on the roadmap as the product grows: a standardized security questionnaire (now published), then an independent penetration test, then SOC 2. If your organization requires audited certifications for anything AI touches today, use the free tools (which never contact a server) and hold off on the AI tier. That's a reasonable bar, and we'd rather say so than oversell.
DPA and security questionnaire requests: security@getdeplo.com.
For the free tools, no. Your queries, diffs, and results stay between your browser and your own Salesforce org, and your Salesforce session cookie is never sent to Deplo's servers. Only the optional Pro AI features send metadata to Deplo's API, and only when you use them.
No. Every core tool runs on the Salesforce session already open in your browser: no account, no OAuth, no connected app. A free Deplo account is only needed for the paid AI features.
Only when you invoke a Pro AI feature, the relevant metadata (e.g. a formula, a flow definition, an access diff) is sent to Deplo's API and on to Anthropic's Claude API under commercial terms. Anthropic does not train on it; content is retained only briefly for abuse monitoring, then deleted. No Salesforce record data is sent in bulk.
Prompts are never stored. AI responses are cached briefly (1–7 days) to keep repeat calls fast, and each cached response is encrypted with a key derived from the prompt itself plus a server-side secret. There is no way to browse the cache; a cached answer can only be opened by presenting the exact prompt that created it. Investigate conversations are saved so you can resume them: they're encrypted at rest, auto-delete after 90 days of inactivity, and can be deleted instantly from the Recent panel.
No. It is read-only by default. Writes are a separate, clearly labeled mode you trigger, run under your own permissions, are limited to a fixed allowlist of known-safe shapes, default to sandbox and developer orgs until you opt in for production, and snapshot the prior values first so any change is one click from restored.
Found something, or have a question? Email security@getdeplo.com. Full details in the privacy policy.
Deplo is an independent tool and is not affiliated with, endorsed by, or sponsored by Salesforce, Inc.