Free forever · No ads · No telemetry · The server can't read your pages
LEGAL

Privacy policy

Last updated 2026-06-19

browserfog is a privacy-first browser-memory product operated by Victor Chasex Pvt Ltd, a company incorporated in India with registered office at L-149, Sector 6, HSR Layout, Bengaluru 560102, Karnataka, India ("we", "us", "our"). We store encrypted records of pages you explicitly save. We cannot read those records — they are end-to-end encrypted on your device with a vault key that never leaves your browser.

This policy is published in compliance with the Digital Personal Data Protection Act, 2023 (DPDP Act) and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011. It also covers our obligations to users outside India.

What we collect

What we never collect

How we use what we have

We use the data we collect only to (a) run the service — authenticate sign-ins, serve your ciphertext back to your paired browsers, enforce storage quotas, send transactional email — and (b) keep the service safe and reliable — rate limit abuse, debug outages, and respond to legal process if it ever applies. We never sell user data. We never share it with third parties for marketing purposes.

Third parties we depend on

Your controls

Data retention

Encrypted records stay until you delete them or your account. Soft-deleted records (you clicked "delete" in the dashboard) are kept for 10 minutes as a grace window, then purged from R2 and hard-deleted from the database. Sessions and one-shot verification tokens age out automatically — our hourly cleanup task removes them once expired. Standard server logs are kept for 30 days.

Children

browserfog is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe we have, contact us and we will delete it.

Changes

We will update the date at the top of this page whenever we materially change anything. We will notify active accounts by email if a change reduces privacy in a way you should know about before it takes effect.

DPDP ACT · 2023 · INDIA

Your rights as a Data Principal

If you are a Data Principal under the DPDP Act, you have the following rights with respect to your personal data:

Lawful basis for processing

We process personal data on the following lawful bases under §6 and §7 of the DPDP Act:

Cross-border transfers

Our primary infrastructure is hosted in India. We use the following processors that may store or transit personal data outside India:

The DPDP Act permits cross-border transfers except to countries notified by the Central Government as restricted. We will update this section if any such notification affects our processors.

GRIEVANCE OFFICER · DPDP §8(10)

Reach our designated officer

In accordance with §8(10) of the DPDP Act and Rule 5(9) of the IT Rules, 2011, the designated Grievance Officer is:

NAME
Amit
EMAIL
amit@browserfog.com
POSTAL ADDRESS
Victor Chasex Pvt Ltd
L-149, Sector 6, HSR Layout
Bengaluru 560102, Karnataka, India
RESPONSE SLA
Within 30 days of receipt

Contact

Privacy questions: privacy@browserfog.com. Security disclosures: security@browserfog.com. Grievances under Indian law: amit@browserfog.com (Grievance Officer). Registered office: Victor Chasex Pvt Ltd, L-149, Sector 6, HSR Layout, Bengaluru 560102, Karnataka, India.