Legal

Privacy policy

Last updated: 30 March 2026

What ContextBolt collects

ContextBolt is a Chrome extension. All bookmark data (text content, AI-generated tags, topic assignments, and embeddings) is stored locally in your browser using IndexedDB. Nothing leaves your device unless you use features that require server processing.

How the extension accesses your data

ContextBolt uses content scripts to capture bookmarks from the platforms you use:

The extension does not access your passwords, direct messages, private content, or any data beyond the bookmarks and saved posts you choose to sync.

Data sent to our servers

When ContextBolt processes a bookmark, the text content is sent to our API server (api.contextbolt.app) for:

We do not store the raw text of your bookmarks on our servers during processing. Text is processed in-memory and discarded after the AI response is returned to your browser.

Account registration

When you first install ContextBolt, an anonymous account is automatically created to manage your API access. This stores a randomly generated API token only. No email or personal information is required for the Basic tier.

If you upgrade to Pro, you provide your email address and activate a license key. We store your email, license key, and API tokens. We use your email solely for account management, license validation, and optional digest emails. We never sell or share your email with third parties.

Cloud sync (Pro only)

Pro users get encrypted cloud sync so their bookmarks are accessible via the MCP endpoint. When enabled, the following is stored in our Cloudflare D1 database:

You can delete all synced data at any time from the extension settings. Deleting your account removes all server-side data permanently.

MCP endpoint (Pro only)

Pro users receive a personal MCP (Model Context Protocol) endpoint URL with a unique token. This endpoint allows AI tools like Claude Desktop, Cursor, or Windsurf to search your synced bookmark collection. The MCP server only exposes read access to your bookmarks. It cannot modify or delete your data.

Payments

Payments are processed by Lemon Squeezy. We do not store credit card numbers, bank details, or payment credentials. All payment data is handled entirely by Lemon Squeezy's PCI-compliant infrastructure. See Lemon Squeezy's privacy policy.

Cookies and analytics

We do not use any third-party analytics, tracking scripts, or advertising pixels on our website or extension. No cookies are set for tracking purposes. We do not collect browsing history, IP addresses for profiling, or any behavioral data.

Third-party services

ContextBolt relies on the following third-party services to operate:

Data retention

Local data (in your browser) persists until you uninstall the extension or manually clear it from settings. Server-side data (Pro cloud sync) is retained for as long as your account is active. If you cancel Pro, synced data is retained for 30 days to allow re-subscription, then permanently deleted. Processing logs (API requests) are not stored.

Data deletion

You can delete all local data from the extension settings at any time. To delete your server-side account and all synced data, email [email protected]. We will process deletion requests within 7 days.

Your rights

Under UK data protection law, you have the right to access, correct, or delete any personal data we hold about you. You also have the right to data portability and to object to processing. To exercise any of these rights, email [email protected].

Changes to this policy

We may update this privacy policy from time to time. Material changes will be communicated via email (if you have an account) or through the extension. The "Last updated" date at the top of this page will always reflect the most recent revision.

Contact

Questions about privacy? Email [email protected].