Privacy policy
Placeholder — legal text in review. Last updated: pending.
This document describes what data browserfog collects, how it is stored, and what we do with it. The short version: we cannot read your captured pages — they are end-to-end encrypted in your browser before they leave it.
What we store
- Your email address and an Argon2id hash of your password.
- A hash of each per-device API key you mint.
- For every page you save: the AES-GCM ciphertext + IV, an HMAC of the canonical URL (for dedup — irreversible without your vault key), a 0–100 risk score and reasons array, and the capture timestamp.
- Session cookies and CSRF tokens for the dashboard.
- Audit logs of security-sensitive actions (sign-in, password change, session revoke, account deletion).
What we never store
- The URL, title, or content of any captured page.
- Your passphrase or vault key.
- Search queries you type into the dashboard.
- Browsing history outside of pages you explicitly save.
Third parties
- Cloudflare routes inbound HTTPS traffic via Cloudflare Tunnel. Cloudflare sees encrypted TLS handshakes; it does not see your captures (which are independently end-to-end encrypted).
- Mailsetu (SMTP) sends verification + password-reset emails. We transmit only the email subject and body to send these.
- We do not use third-party analytics, advertising trackers, or session-replay tools.
Your rights
You can export your data at any time from the dashboard (decrypts client-side, downloads a JSON bundle). You can delete your account at any time — this hard-deletes every row tied to your user id; encrypted backups are purged on the next nightly rotation.
Contact: privacy@browserfog.com.