Privacy

Privacy Policy

Last updated: April 2026

PageHand is designed with privacy as a core principle. This policy explains what data is collected, how it is used, and what control you have.

Data Storage

  • All settings (API key, model configuration, theme, prompt templates) are stored locally in chrome.storage.local.
  • All generated script rules are stored locally in chrome.storage.local.
  • No data is synced to a remote server, cloud account, or third-party service.
  • PageHand does not require a hosted backend to function.

Data Sent to AI Providers

  • Current page content is sent to the configured AI endpoint only when you explicitly ask for analysis or script generation.
  • This includes: page title, URL, visible text content, headings, buttons, links, and form structure.
  • The data is sent to the endpoint you configure (e.g., DeepSeek, OpenAI, or a self-hosted gateway).
  • PageHand does not control what the AI provider does with the data after receipt. Review your provider's privacy policy.

Permissions

  • sidePanel — Required to display the chat UI in Chrome's side panel.
  • storage — Required to persist settings and script rules locally.
  • tabs / activeTab — Required to read the current tab's URL and title for page context.
  • scripting — Required to inject the page bridge content script for context extraction.
  • userScripts — Required to register generated scripts for automatic replay.
  • Host permissions (http://*/*, https://*/*, file://*/*) — Required to read page context and execute scripts on those pages.

Third-Party Services

  • AI Model API — The endpoint you configure. Required for chat and script generation.
  • DuckDuckGo Instant Answer API — Optional. Used only when you enable search per message.
  • GitHub — The extension is distributed via GitHub Releases. No data is sent to GitHub during normal use.

Your Control

  • You can view, enable, or disable any script rule from the side panel or settings page.
  • You can delete individual rules or clear all extension data from chrome://extensions.
  • Uninstalling the extension removes all locally stored data.
  • No telemetry, analytics, or crash reporting is built into the extension.

Changes

This privacy policy may be updated occasionally. Changes will be reflected on this page with an updated date.

Contact

For questions about this policy, open an issue on the GitHub repository.