Privacy Policy
DeeVec ("we", "our", or "us") is a Chrome extension that captures web pages you choose to save and lets you search them by meaning. This privacy policy describes what data DeeVec collects, why we collect it, how it is stored, who it is shared with, and how you can control or delete it.
This policy applies to the DeeVec Chrome extension and the DeeVec website at deevec.dev.
What data we collect
DeeVec collects the following categories of data. These categories match the data disclosures in the Chrome Web Store Developer Dashboard.
Web browsing activity
When you capture a page (manually or via auto-capture), DeeVec records the URL and page title of the captured page. We do not record or transmit URLs of pages you visit but do not capture. Auto-capture is opt-in, off by default, and can be disabled at any time in the extension settings.
DeeVec includes a configurable capture blocklist that prevents sensitive domains (such as banking, healthcare, and password manager sites) from being captured, even accidentally via auto-capture. You can customize this blocklist at any time.
Website content
DeeVec extracts the text content of pages you capture. This text is split into paragraph-level chunks, converted into numerical vectors (embeddings) for semantic search, and stored alongside the original text. We do not capture images, videos, cookies, form inputs, passwords, or any data beyond the visible text content of the page.
Personally identifiable information
When you create an account, we collect your email address through our authentication provider (AWS Cognito). If you sign in via Google, Apple, or Microsoft, we receive only the email address and display name associated with that account. We do not access your contacts, calendars, or any other data from your sign-in provider.
Authentication information
DeeVec stores authentication tokens (JWT) locally in your browser's extension storage to keep you signed in. These tokens are not transmitted to any third party.
Payment information
If you subscribe to DeeVec Pro, payment processing is handled entirely by Stripe. We do not receive, store, or have access to your credit card number or payment method details. We receive only your subscription status and Stripe customer identifier.
Why we collect this data
Every category of data listed above is collected solely to provide DeeVec's core functionality: capturing web pages and letting you search them by meaning. Specifically:
- URLs and page titles are stored so you can identify and navigate back to your captured pages.
- Page text content is extracted and embedded so you can search your captured pages semantically.
- Your email address is used for account authentication and to communicate service-related information (such as billing confirmations).
- Authentication tokens keep you signed in to the extension.
- Subscription status determines whether you have access to Pro features.
We do not use your data for advertising, analytics profiling, AI model training, or any purpose other than providing the DeeVec service to you.
DeeVec does not include any analytics SDKs, telemetry, or tracking pixels. The semantic search embeddings used to power DeeVec's search are generated on our own infrastructure and are never sent to any third-party AI provider.
How we store and protect your data
Your captured pages, text content, and embeddings are stored in a PostgreSQL database hosted on Amazon Web Services (AWS) in the us-east-1 region. Data is encrypted at rest using AWS-managed encryption and encrypted in transit using TLS. Your database records are isolated by your user account and cannot be accessed by other users.
Authentication tokens are stored locally in your browser's extension storage and are never sent to any server other than the DeeVec API.
We use industry-standard security practices including IAM-based database authentication, private network subnets, and scoped access controls.
Who we share your data with
We do not sell, rent, or trade your data to anyone.
Your data is shared only with the following service providers, solely to operate the DeeVec service:
- Amazon Web Services (AWS) - cloud infrastructure, database hosting, and authentication (Cognito). Subject to the AWS Privacy Policy.
- Stripe - payment processing for DeeVec Pro subscriptions. Subject to the Stripe Privacy Policy. Stripe receives only the data necessary to process your payment.
We do not share data with advertising platforms, data brokers, analytics providers, or any other third parties.
Data retention and deletion
You can delete individual captured pages or entire collections at any time from within the extension. Deleted content is permanently removed from our database.
Buffer pool pages (auto-captured content) are eligible for removal after 7 days or when the buffer reaches capacity, whichever comes first. Pages are periodically cleaned up unless you explicitly save them to your persistent collection.
To delete your account and all associated data, contact us at support@deevec.dev. We will delete all of your data within 30 days of receiving your request.
Your rights
All users
Regardless of where you are located, you can:
- View all data DeeVec has stored for you (your captured pages, collections, and account information are visible in the extension).
- Delete any or all of your captured content at any time.
- Request complete account and data deletion by emailing support@deevec.dev.
- Disable auto-capture at any time in the extension settings.
European Economic Area (GDPR)
If you are in the EEA, you have additional rights under the General Data Protection Regulation, including the right to access, rectify, port, and erase your personal data, and the right to restrict or object to processing. Our legal basis for processing your data is your consent (given when you sign up and choose to capture pages) and our legitimate interest in providing the service. To exercise any of these rights, contact support@deevec.dev.
California (CCPA/CPRA)
If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of its sale. We do not sell personal information. To exercise your rights, contact support@deevec.dev.
Children's privacy
DeeVec is not directed at children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.
Chrome Web Store Limited Use disclosure
DeeVec's use of information received from Google APIs adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically:
- We only collect and transmit web browsing activity to the extent required for DeeVec's user-facing search functionality, which is described on our Chrome Web Store page and in the extension's user interface.
- We do not transfer or sell user data to third parties, including advertising platforms or data brokers.
- We do not use or transfer user data for personalized advertisements.
- We do not use or transfer user data to determine creditworthiness or for lending purposes.
- Human access to user data is restricted to security investigations, compliance with applicable law, or when the data is aggregated and anonymized for internal operations.
Changes to this policy
We may update this privacy policy from time to time. If we make material changes, we will update the "Last updated" date at the top of this page. Continued use of DeeVec after changes constitutes acceptance of the updated policy.
Contact
If you have questions about this privacy policy or your data, contact us at support@deevec.dev.