ContextFlow - Privacy Policy
ContextFlow - Privacy Policy
Privacy Policy for ContextFlow
Effective Date: May 26, 2025
Last Updated: May 26, 2025
Introduction
ContextFlow ("the Extension," "we," "our") is a Chrome browser extension that helps users copy AI chat conversations, generate summaries, and continue those conversations across different AI platforms. This Privacy Policy explains what information the Extension accesses, how it is used, and what guarantees you have regarding your data.
By installing and using ContextFlow, you agree to the terms described in this Privacy Policy.
1. Overview — What We Do Not Do
ContextFlow does not have any backend server, database, or cloud infrastructure of its own. There is no ContextFlow account system. We do not collect, transmit, store on external servers, sell, share, or analyze any of your data. We have no capability to do any of these things because the Extension operates entirely within your browser.
2. Information the Extension Accesses
2.1 Conversation Content
When you click "Copy Chat Context" or use the keyboard shortcut, ContextFlow reads the text content of the AI conversation displayed on the current browser tab. This is necessary to generate a summary.
What happens to this content depends on the Summary Method you have selected in settings:
Gemini (cloud): The conversation text is sent directly from your browser to Google's Gemini API using the API key you provide. The request goes from your device to Google's servers. It does not pass through any ContextFlow server because no such server exists. Google's handling of this data is governed by Google's own Privacy Policy and API Terms of Service. After the summary is returned, ContextFlow stores it temporarily in your browser's local storage (see Section 2.3).
On-device (Chrome AI): The conversation text is processed entirely on your device using Gemini Nano, which runs inside Chrome. No data is sent to any external server. Everything happens locally.
Compact: The conversation text is processed entirely within the Extension's JavaScript code running in your browser. No data leaves your device.
Auto: Uses the same logic as above, trying Gemini cloud first, then on-device, then Compact. The privacy characteristics match whichever method is actually used.
2.2 Gemini API Key
If you choose to use the Gemini summary method, you provide your own Google AI Studio API key. This key is stored locally in your browser using Chrome's chrome.storage.local API (see Section 2.3). The key is only ever sent to Google's Gemini API as part of authenticated API requests you initiate. It is never sent to any ContextFlow server, shared with third parties, or logged anywhere.
2.3 Locally Stored Data
The Extension stores the following data locally on your device using Chrome's chrome.storage.local API. This data never leaves your device except as described in this policy.
Your Gemini API key (if you choose to provide one)
Your chosen Summary Method preference (Auto, Gemini, On-device, or Compact)
Your FAB (floating button) position preference
Your theme preference (Auto, Light, or Dark)
Your custom Follow-up Prompt text (if you set one)
The most recently generated summary ("Saved Context"), including the source page URL, page title, and timestamp
Chrome's chrome.storage.local is stored on your device and is not synced to Chrome's cloud sync. It is isolated to the Extension and cannot be accessed by websites or other extensions.
2.4 Page Content Access
The Extension's content scripts run on the following websites because these are the AI platforms it supports:
chatgpt.com
claude.ai
grok.com and x.com
gemini.google.com
perplexity.ai
deepseek.com
chat.mistral.ai
generativelanguage.googleapis.com (for Gemini API calls)
The Extension only reads conversation text from these pages when you explicitly trigger an action (clicking Copy, using the keyboard shortcut, or clicking a Continue button). The Extension does not monitor pages passively, does not log browsing activity, and does not read any data from these pages other than the visible conversation text at the moment you trigger an action.
3. Data We Do Not Collect
To be explicit:
We do not collect your name, email address, or any identifying information.
We do not collect usage statistics or analytics.
We do not collect crash reports or error logs.
We do not collect your browsing history.
We do not collect the content of your conversations for our own purposes.
We do not use cookies.
We do not run advertisements.
We do not sell data to any third party.
We do not have access to any data stored in your browser by the Extension.
4. Third-Party Services
4.1 Google Gemini API
If you use the Gemini summary method, conversation text is sent to Google's Gemini API (generativelanguage.googleapis.com). This is the only third-party service the Extension communicates with, and only when you have explicitly selected the Gemini method and triggered a summary action.
Your use of the Gemini API is subject to:
Google's Privacy Policy: policies.google.com/privacy
Google AI Studio Terms of Service: ai.google.dev/terms
ContextFlow has no control over how Google processes data sent to its API. You are responsible for reading and agreeing to Google's terms before using your API key with the Extension.
4.2 AI Platforms (ChatGPT, Claude, Grok, Gemini, Perplexity, DeepSeek, Mistral)
When you use the "Continue in" feature to open a new tab on one of these platforms, ContextFlow pastes your summary text into the chat input on that platform. At that point, whatever you send to those platforms is governed by their own respective privacy policies, not this one. ContextFlow's role ends at pasting the text.
5. Permissions and Why They Are Required
Chrome extensions must declare permissions in advance. Here is why each permission is needed.
activeTab: Required to read the conversation text from the AI chat page you are currently viewing. Without this, the Extension cannot extract your conversation.
scripting: Required to inject the floating button and panel into AI chat pages so the Extension interface appears on those pages. Without this, there would be no button or panel to interact with.
storage: Required to save your settings (API key, preferences, saved context) locally on your device using Chrome's chrome.storage.local API. Without this, your settings would reset every time you close the browser.
clipboardWrite: Required to copy the generated summary to your clipboard so you can paste it into another AI manually. Without this, the copy-to-clipboard feature would not work.
host_permissions for supported AI sites: Required by Chrome Manifest V3 for the content scripts to be injected into those specific websites. The Extension only operates on these declared sites.
host_permissions for generativelanguage.googleapis.com: Required to make direct API calls from the content script to Google's Gemini API when the Gemini summary method is used.
6. Data Retention
Since all data is stored locally on your device, it persists until one of the following occurs:
You uninstall the Extension, which removes all chrome.storage.local data associated with it.
You clear the Extension's storage manually through Chrome's extension management settings.
You clear your browser's locally stored data.
ContextFlow does not enforce any retention period because we have no access to your data. Retention is entirely under your control.
7. Children's Privacy
ContextFlow is not directed at children under the age of 13. The Extension does not knowingly collect any personal information from children. If you believe a child has used the Extension in a way that has shared personal data through the Gemini API or another third-party platform, please review the privacy policies of those specific platforms. ContextFlow itself holds no personal data.
8. Data Security
Because ContextFlow does not operate a server or database, there is no central system that could be breached to expose your data. Your data exists only on your device. The security of your locally stored data depends on the security of your device and your Chrome browser.
Your Gemini API key is stored in chrome.storage.local, which is isolated to this Extension. However, anyone with physical or remote access to your device could potentially access Chrome's local extension storage. We recommend treating your API key as a sensitive credential and revoking it at aistudio.google.com if you believe it has been compromised.
9. Your Rights and Controls
You have full control over all data the Extension holds.
To view or delete your stored settings and saved context: Go to Chrome's extension settings, find ContextFlow, and clear its storage. Alternatively, you can uninstall the Extension, which removes all locally stored data.
To revoke your Gemini API key: Go to aistudio.google.com and delete the key from your project. Then clear the key from the Extension settings panel.
To stop the Extension from accessing AI chat pages: Disable or uninstall the Extension.
10. Changes to This Privacy Policy
If this Privacy Policy changes, the updated version will be posted at the same URL with a new "Last Updated" date. Significant changes will be noted in the Extension's Chrome Web Store listing update notes. Continued use of the Extension after changes are posted constitutes your acceptance of the updated policy.
11. Contact
If you have any questions, concerns, or requests related to this Privacy Policy, you can contact:
Email: npatel1073@gmail.com
We will respond to privacy-related inquiries within a reasonable timeframe.
12. Governing Law
This Privacy Policy is governed by applicable laws. As ContextFlow collects no personal data on its own servers, there is minimal regulatory impact, but we are committed to respecting applicable data protection principles including those under GDPR, CCPA, and other regional privacy frameworks to the extent relevant.