Local-first by default
All HODL data is stored on your device unless you explicitly enable cross-device sync.
On-device AI
AI tagging runs locally using Chrome's built-in Gemini Nano. No data is sent to OpenAI, Anthropic, or any cloud model for tagging.
Encryption
- At rest: AES-256
- In transit: TLS 1.3
- Cross-device sync: End-to-end encrypted with keys only you hold
What we collect
- Email (for account)
- Payment info (Stripe handles this; we never see card numbers)
- Anonymized usage metrics (extension opens, feature usage)
What we never collect
- Contents of your tabs
- Passwords or form data
- Browsing history outside saved sessions
Third parties
- Stripe (payments)
- Supabase (encrypted data storage, if sync enabled)
- Resend (transactional emails)
GDPR / CCPA
Export your data anytime from Settings → Data → Export. Delete your account permanently from Settings → Account → Delete.
Contact: privacy@unihodl.app