Privacy Policy
Bookmark AI Extension ("the extension", presented as "Bookmark AI") is a Chrome extension that saves the current browser tab as an AI-enriched bookmark in the user's own Google Drive. This policy describes what data the extension processes, where that data is stored, and the choices you have. In short: your bookmark data lives in your own Google Drive, the extension has no backend database of its own, and it does not send your page content to external AI services.
Data processed when you save a page
The extension accesses page content only when you explicitly save
the current tab (via the activeTab and
scripting permissions). When you click Save, the
extension may process:
- The current tab's URL and title.
- Page metadata such as the meta description, Open Graph fields, and headings.
- A temporary, size-capped excerpt of the visible page text, used only as input for AI analysis (see Page text excerpts).
- AI-generated bookmark information: a description, a genre, tags, a long-form Markdown analysis note, and an AI generation status. Output language is Japanese or English.
Data stored in your Google Drive
Bookmark records are stored in a visible folder in your own
Google Drive, in the file
bookmark-ai/bookmarks.jsonl. Each record may
include: the URL and canonical URL, page title, AI-generated
description, genre, tags, a long-form AI-generated Markdown
analysis (never a copy of the page's raw text) with the ID of the
analysis profile used, creation/update timestamps, and an AI
status value.
If you define custom analysis skills (optional and
user-initiated), those settings are stored in
bookmark-ai/settings.json. This file contains only
your custom skill definitions — name, enabled state, priority,
domains, URL patterns, instruction text, and timestamps. It never
contains page excerpts, bookmark records, or other browsing data.
Both files are created and managed by the extension in your Drive, are visible to you, and can be inspected or deleted by you at any time.
Page text excerpts are temporary
- Raw page text excerpts are used transiently, in memory, as input for AI analysis.
-
Raw excerpts are not stored in
bookmarks.jsonl,settings.json, or the local browser cache, and are not intentionally persisted by the extension anywhere. - If a page needs re-analysis, the extension re-extracts content from the live page rather than keeping a stored copy.
Site favicons
The extension shows website favicons next to saved bookmarks in
its popup and options pages. Favicons are resolved by Chrome
itself, at display time, through Chrome's extension-local favicon
endpoint (the favicon permission), derived from the
saved bookmark URL only. No external favicon service is used, and
favicon image data is never stored in the bookmark file, the
settings file, the local cache, or Google Drive.
AI processing
The extension uses Chrome Built-in AI (the Prompt API) when it is available in your browser. AI analysis is performed through this Chrome-provided capability; the behavior and any model handling of Chrome's built-in AI are part of Chrome and are governed by Google's documentation and policies.
What the extension itself guarantees:
- It does not send page content, excerpts, or bookmark data to external AI APIs (such as a Gemini API key integration or OpenAI) — the current version has no external AI provider or API-key fallback of any kind.
- It does not send your data to any server operated by the developer.
- If Chrome Built-in AI is unavailable, the bookmark is still saved without AI-generated fields and marked accordingly.
Ask AI chat
The options page includes an "Ask AI" chat screen for asking questions about your saved bookmarks.
- Ask AI searches only the locally cached bookmark list; it does not search the open web.
- Recommendation prompts sent to Chrome's built-in AI include only compact bookmark fields (an internal candidate ID, title, site domain, genre, capped tags, and a capped short description) — never full URLs, long-form analysis text, raw page excerpts, or Drive metadata.
- Chat questions, answers, and follow-up context are kept in memory only. They are never written to Google Drive, local extension storage, or any external service, and are discarded when the chat is cleared or the page closes.
Google Drive access
The extension signs in with Google OAuth through Chrome's identity API. The only Drive scope it requests is:
https://www.googleapis.com/auth/drive.file
This narrow scope allows the extension to create and manage only
the files it creates itself (or files explicitly opened with it).
The extension uses it solely for its own
bookmark-ai folder and the files described above. It
cannot read, list, or modify the rest of your Drive, and it does
not request full Drive access.
Local browser storage
The extension uses Chrome's local extension storage
(chrome.storage.local) as a cache to make its pages
open quickly. The cache may hold: a snapshot of your bookmark
list, Google Drive file/folder IDs and sync metadata, last sync
status and error messages, and a cached copy of your custom skill
settings. Google Drive remains the source of truth; the cache
never contains raw page excerpts or chat history.
No custom backend, no data sales
- The extension does not operate a backend database or any developer-run server that receives your bookmark data.
- The extension does not sell personal data.
- The extension does not intentionally share bookmark data with third parties.
- Google services and Chrome APIs are used for authentication, Drive storage, and built-in AI capability. Their use is subject to Google's own terms and privacy policies.
Your controls and data retention
You can:
- Delete individual bookmark records from the extension UI.
-
Inspect or delete
bookmark-ai/bookmarks.jsonlandbookmark-ai/settings.jsondirectly in Google Drive. - Revoke the extension's access to your Google account from your Google Account security settings.
- Remove the extension from Chrome.
Bookmark records remain in your Google Drive until you delete them through the extension or directly in Drive. The local cache remains in Chrome's extension storage until it is cleared by the extension, by clearing browser data, or by removing the extension.
Security notes
- Authentication uses Google OAuth via Chrome's identity API; the extension does not handle your Google password.
- OAuth access tokens are managed by Chrome and are not written to the bookmark file or synced storage by the extension.
-
All Google Drive API communication uses HTTPS
(
https://www.googleapis.com). - The project keeps client secrets, API keys, and tokens out of its public source repository; the OAuth client ID embedded in the extension is, by design, not a secret.
Changes to this policy
If the extension's data practices change — for example, if a future version adds an optional external AI provider — this policy will be updated before that change ships, and the "Last updated" date above will be revised.
Contact and support
Questions, requests, or reports about privacy can be filed on the project's public issue tracker: github.com/takemo101/bookmark-ai-extension/issues.