Privacy Policy

Effective date: 22 May 2026 · Last updated: 22 May 2026

The short version. Kliplet ships no analytics and no tracking. The web pages you clip go straight from your browser to the tool you chose — they never pass through us. Kliplet does run a small backend at auth.kliplet.com for payments, license checks, optional cross-device sync, and optional AI features; section 3 describes exactly what it handles. Contact us at privacy@kliplet.com.

1. Who we are

Kliplet ("we", "us") is a browser extension that saves web pages, selections, and highlights to knowledge tools that you control — Notion, Obsidian, Logseq, Joplin (each via its local API), or a Markdown file downloaded to your computer. The extension is published to the Chrome Web Store. The source code is proprietary; see the LICENSE shipped with the extension package.

2. What stays on your device

Most of what Kliplet handles never leaves your browser:

Web page content you clip — the title, body, selection, highlights, and metadata of the active tab when you press Save. This content is sent directly from your browser to the destination you picked (Notion's API, your local Obsidian / Logseq / Joplin instance, or your Downloads folder). It does not pass through a Kliplet server.
Access tokens for the targets you connect (e.g. a Notion integration token, an Obsidian Local REST API key). Stored locally via chrome.storage.local; they leave your machine only to authorize a direct request to the matching service.
Your preferences — templates, default target, highlight colors, etc. Stored locally via chrome.storage.local and IndexedDB.
Your clip history and highlights — stored locally in IndexedDB so the extension can show "already saved" badges, reapply highlights when you return to a page, and retry queued clips after a network failure. Clip history is never uploaded to us.

3. The Kliplet backend (auth.kliplet.com)

Kliplet runs a small backend. It is involved only in the features below, and only handles the data each feature needs:

Payments. Card data is collected and stored by Polar.sh (our merchant of record) on Polar-controlled infrastructure — Kliplet never sees or stores card details. When Polar confirms a purchase it calls a Kliplet webhook, which records your purchase email, tier, subscription status, and expiry.
Licensing. The backend issues and re-verifies a short signed license token (/license/issue, /license/verify). It keeps a license record keyed by your purchase email. The token is stored locally on your device and re-checked online periodically, with a short offline grace window before the extension falls back to the free tier.
Cross-device sync (optional, Pro / Lifetime). If you turn on sync in Options → Sync, your templates and highlight notes are uploaded to and stored in a Kliplet database so they reach your other devices. The pages you clip are not synced — only templates and highlight notes. Sync is off until you enable it, and you can sign out of it at any time in Options → Sync.
AI features (optional). If you use an AI feature — such as automatic tag suggestions or summaries — the text you run it on is sent to the backend, which relays it to a third-party AI provider to produce the result. AI features run only when you invoke them.

No browsing history and no clipped page content ever reach the Kliplet backend.

4. What we do not collect

No analytics or telemetry. Kliplet ships zero usage analytics or error-reporting pings. There is no third-party analytics script (Google Analytics, Segment, Mixpanel, Hotjar, PostHog, Plausible — none).
No advertising trackers on this website. Open the network inspector on kliplet.com and verify it yourself.
No passwords. You never set a password or sign in to a Kliplet account. Your license is tied to the email you bought with; that email is the only identifier the backend keeps.

5. Third-party services you choose to connect

When you connect a target or use a paid feature, your data is governed by that service's privacy policy:

Notion: your clip content and access token are handled per Notion's privacy policy. Kliplet only stores the OAuth access token locally.
Obsidian / Logseq / Joplin: requests go to each tool's local API on your own machine (e.g. the Obsidian Local REST API on https://127.0.0.1:27124). Nothing leaves your device.
Markdown download: the file is saved by Chrome to your Downloads folder. Nothing leaves your device.
Polar.sh: payment processing and card data, per Polar's privacy policy.
AI provider: when you use an AI feature, the text you run it on is processed by a third-party AI provider, relayed through our backend.

6. Where data lives

On your device — chrome.storage.local (preferences, targets, access tokens, license token), IndexedDB via Dexie (clip history, highlights, the offline queue), and chrome.storage.session (short-lived popup state that disappears when the browser restarts).
On the Kliplet backend — your license record (email, tier, status, expiry) and, only if you enable sync, your templates and highlight notes.
With Polar — your payment and card data.

7. GDPR and similar rights

Right to access / delete on your device — the Options → Privacy section exposes an Export all data button (a JSON file of every clip, highlight, template, and target on your device) and a Delete all data button that wipes chrome.storage.local, the IndexedDB store, and revokes the current OAuth session. Deletion is irreversible.
Right to access / delete on the backend — to access or delete the license record or synced data held on auth.kliplet.com, email privacy@kliplet.com. Disabling sync and requesting deletion removes your synced templates and highlights from the backend.
Right to revoke a target's access — disconnect the target in Options → Targets, or revoke the integration directly at the provider (Notion: notion.so/my-integrations).

8. Permissions the extension requests

Each Chrome permission Kliplet asks for is used only for its narrow function:

storage — local preferences and tokens.
tabs + activeTab — read the title and URL of the tab you're saving from.
scripting — inject the content script that extracts the article body.
downloads — write the Markdown file to your Downloads folder (Markdown target only).
alarms — wake the offline queue to retry queued clips.
contextMenus — add the right-click "Save to Kliplet" entry.
host_permissions for the Notion API, the Obsidian REST API, and the pages you choose to clip.

9. Children's privacy

Kliplet is not designed for children under 13 and we do not knowingly collect data from them.

10. Changes to this policy

If we change anything material — for example, if we add a new data flow — we will (a) update this page, (b) bump the effective date above, and (c) post a changelog entry on the GitHub repository. Any new data flow will be opt-in.

11. Contact

Privacy questions, GDPR requests, or anything else: privacy@kliplet.com.