Skip to content

← NoorLock

NoorLock Privacy Policy

Last updated: May 25, 2026

Summary

NoorLock collects no data. Nothing is transmitted off your device. There are no analytics, no telemetry, no accounts, no cloud sync, and no third-party SDKs. Everything the app does — detecting short-form video, redirecting away from it, counting how many times it saved you — happens entirely on the device you installed it on.

This policy covers both NoorLock apps:

  • NoorLock for Android — accessibility-service-based blocker for YouTube Shorts, Instagram Reels, Facebook Reels, and TikTok.
  • NoorLock for Browser — Manifest V3 extension for Chrome, Edge, Firefox, and Safari that blocks the same short-form surfaces in the browser.

What data we collect

None. NoorLock does not collect, transmit, or store any personal information on any server. We do not have servers. There is no account to create.

What is stored on your device

The apps store two kinds of state locally so your preferences and counts survive restarts:

  • Settings — which platforms are toggled on or off, and whether to show the NoorLock blocked page versus the platform home page after a block.
  • Block counts — a per-platform tally of how many times NoorLock intercepted a short-form view. Used for the stats card in the app and the popup. Counts roll over a 30-day window; lifetime totals are also kept on-device.

Android uses the OS-provided preferences store. The browser extension uses chrome.storage.local (or the equivalent on Firefox/Safari). Both are scoped to the app and never synced to a cloud service by NoorLock. (If you have enabled Chrome Sync or Google backup at the operating-system level, those services may copy app-level data per their own policies — that's outside NoorLock's control.)

You can clear all NoorLock data at any time by uninstalling the app or, in the browser, by removing the extension or clearing extension storage from chrome://extensions.

Permissions and what they do

NoorLock for Browser

  • Storage — persist the toggles and block counts described above.
  • declarativeNetRequest (with host access) — redirect requests to short-form URLs (e.g. youtube.com/shorts/<id>) to a local blocked page bundled inside the extension. The redirect happens in the browser's network layer; the original URL is passed as a query parameter so the blocked page can show you what was intercepted.
  • Host permissions for youtube.com, instagram.com, tiktok.com, facebook.com — required so the content scripts can remove short-form rails and tiles from the home feeds of these sites. The extension never reads page content beyond the elements it removes, and it makes no network requests to these sites or anywhere else.

NoorLock for Android

  • Accessibility Service — required to detect when short-form content is on screen in YouTube, Instagram, Facebook, or TikTok and trigger an automatic back navigation. The service reads only the UI events from these specific apps to make that decision; nothing read by the service leaves the device.
  • Foreground Service / Boot Completed (where applicable) — keeps the blocker active across reboots so you don't have to re-enable it.

The Android app declares no internet permission, so it cannot make network requests even if the code tried to. The browser extension makes no fetch/XHR/network requests in either the background service worker, the content scripts, or the popup.

Third parties

NoorLock does not embed any third-party SDKs, analytics, advertising, crash reporting, or tracking. The "Buy me a coffee" button in the extension popup and on the blocked page is a plain outbound link to https://buymeacoffee.com/noorkin. It only loads if you click it, in a new tab; NoorLock does not embed, prefetch, or ping the link. Anything that happens on Buy Me a Coffee after you click is governed by their own privacy policy.

Children's privacy

NoorLock does not collect any data, so it does not knowingly collect data from children under 13 (or the equivalent minimum age in your jurisdiction).

Open source

Both apps are open source. You can audit exactly what NoorLock does at github.com/noorkin-dev/noorlock-browser and the corresponding Android repository. If you find anything in this policy that contradicts the code, the code is the source of truth and we will update the policy.

Changes to this policy

If we ever change how NoorLock handles data, we'll update this page and the "Last updated" date at the top. Material changes (anything that introduces data collection or transmission) will also be called out in the app's release notes.

Contact

Questions about this policy or NoorLock's data handling? Email hello@noorkin.dev or open an issue on the GitHub repository.