Privacy

Local-first. No telemetry. Opt-in AI.

The short version: your tabs stay in your browser. AI requests are opt-in and one-shot. We don't retain them, we don't train on them.

Effective April 24, 2026

TL;DR

Sessionat is local-first by design. The free tier requires no account and sends zero data to our servers. When you trigger an AI feature, only the specific tabs you reference are sent to our server for that one request. We don't store them, don't train on them, and don't share them.

What we collect

Local storage (on your browser, not ours): saved sessions, tab URLs + titles + favicons, your settings. These live in Chrome's IndexedDB on your device and never leave unless you explicitly export, sync, or use an AI feature.

Account data (only if you create one): email, password hash, organization name, credits balance, billing info (via PayPal — we never see your card). Required for AI features and Pro plan.

Minimal operational logs: API request timestamps, rate-limiting counters (keyed to IP for 1 minute, then deleted), error traces without request bodies. Standard for operating a web service.

What we never collect

  • Your full browsing history or live tab contents — we only see tabs you explicitly route through an AI feature
  • Page contents — we see the URL and title, not what the tab renders
  • Passwords, form data, cookies from your browsing
  • Your device fingerprint, IP-based location, or advertising IDs
  • Data from other browsers or applications

How AI requests work

When you trigger an AI feature (semantic search, chat, summarize, categorize, patterns, research):

  • Only the specific tabs you referenced for that request are sent — not your whole history
  • The request goes to our backend, which forwards it to the underlying LLM provider (OpenRouter)
  • The response is returned to you and logged only for billing (credits used, tokens, timestamp — not contents)
  • We don't retain the tab contents of the request after the response is delivered
  • LLM providers have their own retention policies — see subprocessors below

You can disable AI features entirely in settings. The local tier fully works without an account.

Cookies & analytics

We use Google Tag Manager with Consent Mode v2 — analytics default to “denied” until you explicitly accept via the consent banner. Essential cookies (session, CSRF) are used for login on the web dashboard. Everything else is opt-in.

Subprocessors

  • Cloudflare — hosting, DDoS protection, edge delivery (US/EU)
  • OpenRouter / Anthropic / OpenAI — LLM providers for AI features (per-request, no training on your data)
  • Serper — Google search API for research mode (query string sent, no account tied)
  • PayPal — payments for Pro and Enterprise
  • EmailIt — transactional email (signup, password reset, invoice receipts)

Your rights

Everyone — EU, UK, California, and otherwise — has the same rights: access, correction, deletion, export, and objection. Email privacy@sessionat.com and we respond within 30 days.

Free-tier users have it even simpler: your data is already on your device. Export via Settings → Export (JSON). Delete by uninstalling the extension. Done.

Contact

Privacy questions: privacy@sessionat.com.
Support: /support.
Data controller: Sessionat, Inc.