I work in IT and have implemented quite a few MDM systems. For Android, a work profile will be entirely isolated personal data wise. IT can’t see anything beyond the work walls, however, there are a few shared things.
If work enforces a tougher screen lock setting, it’ll take precedence over your regular lock screen setting. You might also have a few other things change while it’s active, like display time out (if work has a shorter setting).
We can also see certain shared info like device serial number, IMEI number, OS version, security update version etc. Depending on the configuration, GPS/location info can be obtained as well (via an force-installed policy app for example)
You can pause the profile at anytime which suspends ALL work profile app activity (So if there was an app they install that they could get GPS info from, that app would no longer be functional until unpaused again (no it can’t “run in the background” and collect info on the background either, it’s wholly suspended)) and the pause feature can be set on a schedule so if you have a 9-5 you can set it to that and avoid the whole “always available” problem.
Yea, I wasnt entirely clear, I brought up Manifest v3 as a “this is already complicated, and a browser engine is even more complicated” example
No Chromium fork maintains Mv2 anyways even though it is easier, and yes some do have their own builtin AdBlock and are able to function well that way. But I do not consider that ideal, one would be entirely dependent on their AdBlock implementation where as if a fork maintains Mv2 then you would be able to just change your extension if you don’t like something about it