Privacy Policy

SecondBrain Chrome Extension

Effective Date: April 16, 2026  ·  Last Updated: April 16, 2026

Overview

SecondBrain ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use:

  • The SecondBrain web application at second-brain-ten-henna.vercel.app
  • The SecondBrain Chrome Extension available on the Chrome Web Store

Please read this policy carefully. By using our Service, you agree to the practices described here.

1. Information We Collect

1.1 Information You Provide Directly

  • Account information: Email address and password (managed via Supabase Auth) when you register or sign in
  • Saved content: URLs, page titles, thumbnails, tags, and notes that you explicitly choose to save to your knowledge base
  • User-generated tags and notes: Any organizational labels or annotations you add to saved items

1.2 Information Collected Automatically

Web Application

  • Usage data: Pages visited within the app, features used, and general interaction patterns (collected via privacy-respecting analytics)
  • Authentication tokens: Session tokens stored securely in your browser to keep you logged in

Chrome Extension

  • Current tab URL and title: Read only when you explicitly click the SecondBrain extension icon — we never read your browsing history passively
  • Authentication cookie: We read the SecondBrain website's Supabase authentication cookie solely to verify your login status — we do not read cookies from any other website or third party

1.3 Information We Do NOT Collect

  • We do not track your browsing history
  • We do not collect data from pages you visit without your explicit action (clicking the Save button)
  • We do not read, store, or transmit cookies from any website other than second-brain-ten-henna.vercel.app
  • We do not sell your personal data to any third party
  • We do not use your saved content to train AI models

2. How We Use Your Information

We use the information we collect to:

  1. Provide the Service: Save, organize, and display your knowledge base content
  2. Authentication: Verify your identity and maintain your login session securely
  3. Improve the Service: Understand how features are used to fix bugs and improve user experience
  4. Customer Support: Respond to your inquiries and support requests

3. Chrome Extension Permissions — Detailed Explanation

The SecondBrain Chrome Extension requests the following permissions:

PermissionWhy We Need It
activeTabRead the current tab's URL and title when you click the extension icon — only triggers on your explicit action, never automatically
storageCache your login token locally (for up to 50 minutes) to avoid re-authenticating on every click
cookiesRead only the SecondBrain website's Supabase auth cookie to verify your login status — no third-party cookies are accessed
scriptingDynamically inject scripts into the current page when needed (e.g., after extension updates)
host_permissions: youtube.comDetect when you are on YouTube to auto-apply the correct platform tag — no data is extracted without your action
host_permissions: vercel.appSend save requests to the SecondBrain API on your behalf
host_permissions: supabase.coVerify your user identity with our authentication provider

4. Data Storage and Security

  • Database: Your saved content and account data are stored in a Supabase (PostgreSQL) database hosted on secure cloud infrastructure
  • File Storage: Thumbnails and media files are stored in Cloudflare R2 object storage
  • Encryption: All data is transmitted over HTTPS/TLS encryption
  • Authentication: We use industry-standard authentication practices via Supabase Auth
  • Data Retention: Your data is retained as long as your account is active. You may delete your account and all associated data at any time by contacting us

5. Third-Party Services

We use the following third-party services to operate SecondBrain. Each has its own privacy policy:

ServicePurposePrivacy Policy
SupabaseDatabase, authenticationsupabase.com/privacy
Cloudflare R2File and image storagecloudflare.com/privacypolicy
VercelWeb application hostingvercel.com/legal/privacy-policy
PaddlePayment processingpaddle.com/legal/privacy

6. Your Rights and Choices

You have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Ask us to correct inaccurate or incomplete data
  • Deletion: Request deletion of your account and all associated data
  • Data Portability: Request an export of your saved content in a standard format

To exercise any of these rights, please contact us at the email address below.

7. Children's Privacy

SecondBrain is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete it promptly.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

  • Posting a notice on our website
  • Updating the "Last Updated" date at the top of this policy

Your continued use of SecondBrain after changes are posted constitutes your acceptance of the updated policy.

9. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:

Email: services.of.secondbrain@outlook.com

Website: second-brain-ten-henna.vercel.app

This Privacy Policy was last updated on April 16, 2026.