Insight suggests extensions while you browse -- this helps the most useful extensions get discovered at the right time. To enable this, browsing information is sent to Insight servers. However, this is not ever stored in connection to your personal information (email, etc). Also, if you're still not sure, we let you disable all communications with Insight servers entirely in app settings.
We all know how "we will never store this" becomes "we will never sell this" becomes "well, we need to make money", all with privacy policy changes that no-one reads.
Extension suggestions can also be implemented client side.
That’s fair tbh. Implementing this server side has let us iterate faster and get this out the door. I think implementing it client side is better however. Till we get there, we let you turn this feature off entirely and just use client side features, which still lets you utilize extensions.
You can offer this feature without sending unnecessary information to your servers. You did it the easy way instead of the "right way".
You need to re-think your architecture to do these checks locally in-browser in order to protect user privacy. If you're concerned about scaling issues, take inspiration from how Google Safe Browsing works (local hash prefix matching & partial hash queries).
