Introduction
Welcome to MemSync ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our browser extension and related services. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not use our extension.
Extension Purpose
MemSync is a browser extension with a single, clearly defined purpose: to save and synchronize your chat history across multiple AI platforms (ChatGPT, Claude, and Gemini). Our extension keeps your conversation context intact, allowing seamless transitions between different AI assistants.
Data Collection
What Data We Collect
We collect the following types of data:
- Website Content: Chat conversations, text, and messages from supported AI platforms (ChatGPT, Claude, Gemini)
- Authentication Information: Email address and credentials for account creation and login
- User Activity: Basic usage information such as when chats are saved or synchronized
What We Do NOT Collect
We explicitly do NOT collect:
- Personally identifiable information beyond email address
- Health information
- Financial and payment information
- Location data or IP addresses
- Web browsing history outside of the supported AI platforms
- Keystroke logging or mouse tracking
How We Use Your Data
We use the collected data exclusively for the following purposes:
- Core Functionality: To save, organize, and synchronize your AI chat conversations across platforms
- Account Management: To create and maintain your user account
- Cloud Synchronization: To enable access to your saved chats across different devices
- Service Improvement: To improve and optimize the extension's performance and features
Important: We use your data ONLY for purposes directly related to MemSync's single purpose of managing and synchronizing AI chat conversations. We never use your data for unrelated purposes.
Permissions Justification
Storage Permission
We request storage permission to locally store your chat projects and team data on your device, enabling offline access and faster performance.
ActiveTab Permission
We need activeTab permission to read and extract chat content from the currently active tab when you're using supported AI platforms (ChatGPT, Claude, or Gemini).
Scripting Permission
The scripting permission allows us to run background scripts necessary for monitoring and saving chat conversations in real-time across supported platforms.
Host Permissions
We require host permissions for the following domains:
chatgpt.comandchat.openai.com- To extract ChatGPT conversationsclaude.ai- To extract Claude conversationsgemini.google.com- To extract Gemini conversations
These permissions enable us to scrape and save your chat content for synchronization across all three platforms.
Remote Code Usage
We use remote code to enable cloud synchronization features. Specifically, we make API calls to our backend servers to store and retrieve your chat data, allowing you to access your conversations from any device. All remote code execution is limited to:
- Communication with our secure backend API
- User authentication and authorization
- Data synchronization across devices
We do not load or execute any third-party JavaScript from external sources beyond our own secure backend.
Data Sharing and Third Parties
We certify that:
- We do NOT sell or transfer user data to third parties, outside of approved use cases
- We do NOT use or transfer user data for purposes unrelated to our extension's single purpose
- We do NOT use or transfer user data to determine creditworthiness or for lending purposes
We may share your data only in the following limited circumstances:
- With Your Consent: When you explicitly authorize us to share specific information
- Service Providers: With trusted third-party service providers who help us operate our services (e.g., cloud hosting providers), under strict confidentiality agreements
- Legal Requirements: When required by law, court order, or government regulation
- Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users
Data Security
We implement appropriate technical and organizational security measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit using HTTPS/TLS
- Encrypted storage of sensitive information
- Regular security audits and updates
- Access controls and authentication mechanisms
- Secure backend infrastructure with industry-standard practices
However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
Data Retention
We retain your data for as long as your account is active or as needed to provide you with our services. You can request deletion of your data at any time by contacting us or deleting your account through the extension settings.
After account deletion, we will remove your personal data from our systems within 30 days, except where retention is required by law or for legitimate business purposes (e.g., resolving disputes, enforcing agreements).
Your Rights and Choices
You have the following rights regarding your data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Export: Request export of your data in a portable format
- Opt-Out: Opt out of certain data collection or processing activities
- Revoke Consent: Withdraw consent for data processing where consent was the legal basis
To exercise any of these rights, please contact us using the information provided below.
Children's Privacy
Our services are not intended for children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately, and we will delete such information.
International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We ensure that appropriate safeguards are in place to protect your data in accordance with this privacy policy.
Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make changes, we will update the "Last Updated" date at the top of this policy. We encourage you to review this policy periodically.
If we make material changes, we will provide notice through the extension or via email to the address associated with your account.
Compliance
MemSync complies with applicable data protection laws and regulations, including but not limited to:
- Chrome Web Store Developer Program Policies
- General Data Protection Regulation (GDPR) - for users in the European Economic Area
- California Consumer Privacy Act (CCPA) - for California residents
- Other applicable regional data protection laws
Contact Us
If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:
Website:
https://memsync.opsilonlabs.com