Privacy Policy
Last updated: June 21, 2026
Your snapshots and AI chat content stay on your device — and, if you enable Google Drive sync, in your own Google Drive. SessionPort never receives the content of your snapshots. The only data SessionPort's server ever receives is basic account and subscription info, and only if you choose to sign in (see "Accounts & subscription").
What we collect
By default SessionPort collects no personal information — everything below is processed locally on your device. (If you choose to sign in or subscribe, limited account data is handled as described under "Accounts & subscription".)
- AI chat content — text from AI model responses (Claude, ChatGPT, Grok, Gemini, Mistral, Perplexity, DeepSeek) that you explicitly capture using the extension. This data is stored in your browser's IndexedDB and stays on your device unless you enable Google Drive sync (see below).
- Extension settings — your preferences (theme, language, project names, hide-test toggle) stored in chrome.storage.local on your device.
- Attached files — files you manually attach to snapshots, stored locally in IndexedDB as binary data.
What we do NOT collect
- The content of your snapshots or attached files — this never leaves your device except to your own Google Drive when you enable sync
- Your name, phone number, or postal address
- Passwords — sign-in (when you use it) goes through Google OAuth, so we never see your Google password
- Payment card details — these are handled entirely by the payment processor; we never receive or store them
- Browsing history or activity outside of the supported AI platforms
- Analytics, telemetry, advertising identifiers, or usage tracking
Data storage
All snapshot data is stored in your browser's IndexedDB under the SessionPort database. Settings are stored in chrome.storage.local. By default this is scoped to your browser profile and does not leave your device.
You can export all your data at any time using the Export feature in Settings → Backup, and delete it by uninstalling the extension or clearing browser storage.
Google Drive sync (optional)
SessionPort offers an optional Google Drive integration. It is off by default and only activates when you explicitly connect your Google account in Settings.
- Where your data goes. When enabled, your snapshots are saved to a folder in your own Google Drive so they can sync across your devices. The data is transferred directly between your browser and Google Drive. SessionPort runs no servers and never receives or stores a copy.
- Scope. SessionPort uses the
drive.file scope, which grants access only to files this extension creates — never to the rest of your Drive. It also reads your account email (userinfo.email) to label the connection.
- Control. You can disconnect at any time in Settings; this revokes the access token. You may also remove access at myaccount.google.com/permissions and delete the files from your Drive.
- Google's handling of data stored in your Drive is governed by Google's Privacy Policy. SessionPort's use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.
Accounts & subscription (optional)
The core extension is free and requires no account. SessionPort also offers an optional paid plan. Signing in and subscribing are entirely optional; if you never sign in, none of the data below is collected.
- Sign-in. If you choose to sign in, SessionPort uses Google Sign-In. We receive a Google identity token and use it only to identify your account. We store a stable Google account identifier and your email address on our server (hosted on a third-party cloud platform) solely to recognize you across your devices and to record your subscription status. We never receive your Google password.
- Subscription & payments. Purchases are processed by a third-party payment provider (for example, Apple In-App Purchase on iOS, or a web payment processor). They handle all billing and card data; SessionPort never sees your card details. Our server stores only your subscription status (e.g. free or active) and a provider transaction reference, so the app knows what you are entitled to.
- What our server never receives. Your snapshots, AI chat content, and attached files are never sent to our server. It holds account and subscription metadata only.
- Your control. You can sign out at any time, and request deletion of your account record by contacting us (see "Contact").
Permissions
SessionPort requests the following Chrome permissions:
- storage — saves your settings and current session state locally
- activeTab — identifies which AI platform is open to apply the correct capture/inject strategy
- scripting — injects context text into the AI chat input field when you transfer context
- sidePanel — displays the SessionPort interface as a side panel alongside your AI chat
- tabs — reads the current tab URL to detect the AI platform and synchronize state
- alarms — schedules reliable background polling so capture works even if the service worker would otherwise sleep
- identity — used only if you connect Google Drive or sign in: obtains an OAuth token for your Google account (for Drive sync and, optionally, account sign-in)
- host permissions (chatgpt.com, claude.ai, grok.com, gemini.google.com, perplexity.ai, chat.mistral.ai, chat.deepseek.com) — required to run the content script on each supported platform to capture responses and inject context into their text editors
- googleapis.com / oauth2.googleapis.com — used only when Google Drive sync is enabled, to read/write your snapshot files in your own Drive
Third parties
SessionPort contains no analytics libraries, crash reporters, advertising networks, or trackers, and we never sell your data. We use third-party service providers only to deliver features you explicitly opt into:
- Google — Google Drive (when you enable sync) and Google Sign-In (when you sign in).
- Cloud hosting — stores the account and subscription metadata described above (only if you sign in).
- Payment processor — processes purchases and handles all payment data (only if you subscribe).
Each provider receives only the limited data needed for that feature, and only when you use it. If you never enable sync, sign in, or subscribe, no data is shared with any third party.
Children
SessionPort is not directed at children under 13 and does not knowingly collect information from them.
Changes
If this policy changes materially, we will update the "Last updated" date above. Continued use of the extension after changes constitutes acceptance of the revised policy.
Contact
Questions about this policy: sessionport@gmail.com