Browsers Extensions

What is this?

Sonar is a tool that helps organisations stay compliant on their software usages. We let your IT administrator see which Software-as-a-Service (SaaS) applications are being used so that your organisation can cut unused licenses, identify security vulnerabilities, and find tools that are better suited to its needs.

Sonar was designed with privacy in mind and is not meant to track the employees’ work. We only collect a minimum amount of data strictly for the purposes cited above, and aim to be fully transparent regarding how the extension works on your computer and how we use your data.

This document aims to answer any questions you may have. Should you have any concerns that aren’t covered here, please do not hesitate to reach out to us.

How does it work?

The Sonar browser extension works in the background. It looks at the domains that are being visited and will ping the Sonar servers about once per day per domain whenever it detects that you’re using a SaaS tool that is in our database of ~100,000 SaaS. Your administrator can then easily find out which tools are the most used, and optimise the organisation’s tech stack.

Sonar will generate events only for the SaaS-related domains that are listed in your settings. All visits to domains that are not on this list will be promptly ignored and will not generate a “visit” event sent to our servers.

We aim to limit the amount of data sent to our servers as much as possible. Thus, if you keep your browser open throughout the day, only about one “visit” event per domain per day will be sent to the Sonar servers.

What data leaves my computer?

We only track SaaS-related domains to generate “visit” events for the Sonar servers about once per day per domain.

When a “Visit” event is generated, the following data is transmitted to our servers:

• Connected User Email Address (e.g: elon.musk@tesla.com) (only for the identified extension).

• Domain visited (e.g: asana.com)

• Date of the visit (e.g: 01/09/23 @ 12:45am)

• All the cookies so we can be sure to identify if the user was authentified or not.

• Any answer or rating you've submitted in the browser extension.

Can I access this data?

The “owner” of the organisation can give you access. Usually, this person should either be your IT administrator, or a member of the financial team.

Once invited, you’ll be able to visualise all the data that Sonar has on the organisation and its employees.

Your administrator may also request to export or delete this data by heading over to the Account page.

Why is the extension asking for permission “X”?

When installing Sonar, the following permissions are being requested:

• “Read and change your data on a number of websites” → This lets us find out which SaaS are being used, and if those contain authentication cookies. Only the websites related to the ~ 3,000 SaaS that exist in our database are being tracked.

• “Read your browsing history” → Same as above, this lets us find out which SaaS are being used. All websites that aren’t present in our database of ~ 3,000 SaaS will be promptly ignored.

• “Know your email address” → This lets us identify your Google Workspace account.

How was the extension installed on my computer?

Your IT Administrator most likely remotely installed the extension.

Privacy Policy

You may find the full privacy policy of Sonar here: https://sonarclarity.ai/privacy

Terms & Conditions

You may find the full terms and conditions of Sonar here: https://sonarclarity.ai/tos

Contact details / Who built this

Should you have any questions regarding the extension, please do not hesitate to reach out to us at support@sonarclarity.ai.

Deployment procedure