Privacy Policy

Last updated: April 16, 2026

ContextBridge is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your data when you use our Chrome extension, VS Code extension, and related services.

Account Information

When you create a ContextBridge account, we collect:

• Email address: Used for account identification, login, and important service communications
• Name: Optional display name for your account
• Password: Securely hashed using industry-standard bcrypt algorithm; we never store plaintext passwords

We use secure JSON Web Tokens (JWT) for session management. Access tokens are short-lived (15 minutes) and refresh tokens are stored securely and can be revoked at any time.

Data We Collect

ContextBridge collects the following data only when explicitly triggered by you via the extension interface:

• Conversation text and metadata from AI platforms (Claude.ai and ChatGPT)
• Code files synced from your local workspace via the VS Code extension

Important transparency commitments:

• We do not scrape data in the background
• We do not collect data without your visible interaction (clicking the "Capture" button or the status widget)
• All data capture is transparently indicated by a status widget on your screen

Information We Collect

When you initiate a "Capture" or "Sync" action, the extension collects the following specific data from the active browser tab:

• Conversation Content: The text of messages sent by you and the AI provider
• Metadata: Timestamps, conversation titles, and unique identifiers (e.g., UUIDs) to prevent duplicate entries
• Files & Artifacts: Code snippets, text files, or PDFs referenced within the conversation that you have access to
• Project Context: The name and ID of the specific project or workspace you are viewing

How We Use Your Data

Your data is used solely for the purpose of providing the ContextBridge service:

• Stored securely in your private, encrypted database
• Indexed to enable semantic search across your conversations
• Used exclusively for search and context retrieval by you, the data owner

We do not use your conversation data for training public AI models. We do not sell, trade, or rent your personal identification information to others.

Authentication & Security

We implement robust security measures to protect your account:

• Password Security: All passwords are hashed using bcrypt with a cost factor of 12
• Session Management: We use short-lived JWT access tokens (15 minutes) with secure refresh token rotation
• Email Verification: New accounts require email verification before access is granted
• Secure Token Storage: Refresh tokens are hashed before storage; access tokens are never stored server-side

Data Sharing

We take your privacy seriously:

• We do not sell, rent, or share your data with third parties, except as necessary to provide the service (e.g., cloud hosting providers) who are bound by confidentiality agreements
• Your data is accessible only to you
• We do not use your conversation data to train AI models
• We will never sell your conversation history to advertisers or data brokers

Data Security

All data is transmitted securely using industry-standard Transport Layer Security (TLS/SSL) and HTTPS encryption. Your conversation data is stored in isolated, encrypted databases with access controls ensuring only you can retrieve your data.

Data Retention

Your data is retained for as long as you maintain an active ContextBridge account. You may request deletion of your data at any time by contacting us. Upon account deletion, all associated data including conversations, files, and authentication tokens are permanently removed.

Your Rights

You have the right to:

• Access all data we have stored about you
• Request correction of inaccurate data
• Request deletion of your data and account
• Export your data in a portable format
• Revoke all active sessions by resetting your password

Chrome Extension Permissions

The ContextBridge extension requires permissions to access claude.ai and chatgpt.com to provide the conversation capture feature. The extension:

• Only captures data when you explicitly initiate a capture action
• Displays a visible status indicator on supported pages for transparency
• Does not automatically scrape or collect data in the background
• Stores authentication tokens securely in Chrome's sync storage

VS Code Extension

The ContextBridge VS Code extension syncs your local code files to enable unified search. The extension:

• Only syncs files matching your configured patterns
• Stores authentication tokens securely using VS Code's SecretStorage API
• Requires explicit login before any data is transmitted

Analytics & Advertising

We use Google Analytics (GA4) and Google Ads conversion tracking on our website (ctxbridge.io) to understand how visitors interact with our pages and to measure the effectiveness of our advertising. This may involve:

• Collection of anonymized usage data via cookies and similar technologies
• Hashing and sharing of first-party data (such as email addresses you provide) with Google for ads measurement purposes, as part of Google's Enhanced Conversions feature
• Use of the Google Click Identifier (GCLID) to attribute conversions to ad clicks

This tracking applies to the website only — not to data captured through the Chrome or VS Code extensions. You can opt out of Google Analytics tracking via Google's opt-out tool.

Contact Us

If you have questions about this Privacy Policy or your data, please contact us at legal@ctxbridge.io.