← Back to Home

Data Collection and Usage

1. Data Stored Locally

The following data is stored locally on your device using Chrome's secure storage APIs and is never transmitted to any server:

• Tab collections (names, tab titles, URLs, favicons)
• User settings and preferences
• Session history
• Undo/redo action history
• AI usage counters (for rate limiting)

2. Data Shared with Third Parties

When you use the AI Group feature, the following data is sent to OpenAI API (api.openai.com) over an encrypted HTTPS connection:

• Tab titles
• Tab URLs
• Your grouping instruction (e.g., "group by project")

This data is used solely to generate tab grouping suggestions. No other personal data is transmitted. The AI grouping feature is optional and limited to 3 uses per day. Data sent to OpenAI is subject to OpenAI's Privacy Policy.

3. Data NOT Collected

• No browsing history
• No passwords or credentials
• No personal information (name, email, etc.)
• No cookies or tracking data
• No telemetry or analytics data
• No advertising identifiers

Permissions

1. Permission Usage

Each permission requested by the extension has a specific purpose:

• tabs — Read open tab titles and URLs to display and organize them
• storage — Store collections, settings, and session history locally on your device
• alarms — Schedule auto-save and backup reminders
• contextMenus — Add right-click menu options for quick tab saving
• notifications — Send backup reminders when tabs haven't been saved. Can be disabled in settings

2. Host Permissions

• api.openai.com — Required for the AI-powered tab grouping feature. Used to send tab titles and URLs to OpenAI GPT-4o-mini for intelligent categorization. All communication uses HTTPS encryption

Security Architecture

1. Local-First Design

• All collections and settings are stored locally on your device
• No user accounts or authentication required
• No cloud storage or remote database
• Extension works fully offline (except the optional AI grouping feature)

2. Data Isolation

• Extension data is isolated from other browser data
• No access to browsing history, passwords, or personal information
• Sandboxed execution environment
• No cross-extension data sharing

Security Measures

1. Data Encryption

• All stored data uses Chrome's built-in encryption
• Local storage is protected by browser security
• All network communication with OpenAI API uses HTTPS encryption

2. Code Security

• All extension code is static and locally stored
• No dynamic code loading or remote code execution
• Regular security reviews of source code

3. Input Validation

• All user inputs are validated and sanitized
• Protection against injection attacks
• Safe handling of file operations
• Error handling without data exposure

User Control

1. Your Rights

• Complete control over your data at all times
• Export your collections in JSON, CSV, Markdown, or TXT format
• Delete any or all data at any time
• AI grouping feature is entirely optional — the extension works fully without it
• Uninstalling the extension removes all locally stored data

2. Data Retention

• Data is retained only as long as the extension is installed
• No data is retained on external servers after AI processing
• Session history has automatic cleanup
• No data retention beyond user needs

Compliance

1. Regulatory Compliance

• GDPR compliance for EU users
• CCPA compliance for California users
• Chrome Web Store Developer Program Policies
• Industry security best practices

2. Security Standards

• OWASP security guidelines
• Chrome extension security policies
• Web security standards

Incident Reporting

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected on this page with an updated "Last Updated" date. Continued use of the extension after changes constitutes acceptance of the updated policy.