At a Glance

Free tier is fully local. Nothing leaves your device. Ever.
Paid tiers (Advanced / Pro) sync your clips, feeds, and settings to our cloud (Convex, EU/US regions) and send selected clip content to Google's Gemini API for AI processing.
Sensitive content (API keys, credit-card numbers, private keys, etc.) is detected on your device and is never synced to the cloud or sent to AI — even on paid tiers, even if sync is on.
We don't sell your data, we don't serve ads, we don't profile you across the web.
You control it all — capture toggle, excluded-sites allow/block lists, sensitive-content auto-expiry, AI off-switch, cloud-sync toggle, account deletion.
Contact: support@kopyfeed.com. Supervisory authority (EU): ÚOOÚ (Czech Republic).

Overview

KopyFeed ("KopyFeed," "we," "our," or "us") operates a browser extension and web application that captures, organizes, and enriches clipboard content using artificial intelligence. This Privacy Policy describes how we collect, use, store, and protect your information.

Our core privacy principle is local-first. On the free tier, all your data stays on your device and never leaves your browser. Cloud features are only available to paid subscribers who explicitly opt in. We do not sell your data, and we do not use it for advertising.

Chrome Web Store — Limited Use compliance: KopyFeed's use of information received from Google APIs and from Chrome browser data adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. We do not transfer user data for advertising, sell user data to brokers, or use it for creditworthiness or lending decisions. The only humans who view your content are you and, in narrowly defined break-glass situations (incident response, court order), a limited set of authorized engineers under documented procedures.

This policy is effective as of May 23, 2026. By using KopyFeed, you acknowledge that you have read and understood this policy. If you do not agree, please uninstall the extension and stop using the web application.

Who We Are (Data Controller)

KopyFeed is operated from the Czech Republic (European Union). For all privacy-related questions, requests under GDPR, CCPA, or any other applicable data-protection law, contact:

Email: support@kopyfeed.com
Contact page: kopyfeed.com/contact

We are the data controller for personal data processed in connection with the KopyFeed service. Our service providers (sub-processors) listed below act as processors on our behalf, except where noted — Stripe and Clerk also act as independent controllers for limited purposes (Stripe for payment-card data; Clerk for authentication audit logs).

Information We Collect

Automatically Captured Content

When you copy or cut content in your browser, the KopyFeed extension captures the following:

Clipboard content — the text, code, URL, or image you copied
Source URL — the web page where the copy event occurred
Timestamp — when the content was captured
Content type — whether the content is text, code, an image, or a URL
Public metadata (for social URLs) — when you copy a URL from YouTube, X, TikTok, Spotify, Reddit, GitHub, Bluesky, or Vimeo, we fetch publicly available metadata (title, thumbnail, author name) via each platform's public oEmbed API. No authentication is sent.

The extension also detects programmatic clipboard writes (e.g., when a website's "Copy to Clipboard" button is used). This ensures comprehensive capture regardless of how content reaches your clipboard.

Important: KopyFeed only captures clipboard events within your browser. It does not monitor your system clipboard, read files on your computer, or capture content from other applications.

Account Information

If you create an account (required for paid tiers), we collect:

Email address and name — provided via Google OAuth or email/password registration through our authentication provider, Clerk
Account identifier — a unique ID assigned by Clerk

Payment Information

If you subscribe to a paid tier (Advanced or Pro), payment is processed entirely by Stripe. We store:

Stripe customer ID — to link your subscription to your account
Subscription status — active, canceled, past due, or trialing

We never receive, process, or store your credit card number, CVV, or billing address. All payment card data is handled exclusively by Stripe under their privacy policy. Stripe is PCI-DSS Level 1 certified; we minimize our PCI scope by using Stripe-hosted checkout flows so cardholder data does not transit or rest on our servers.

Usage Metrics (Credit System)

For paid-tier users, we track AI feature usage to enforce monthly credit budgets. We record:

Per-feature monthly counters (e.g., number of summaries, image descriptions, link analyses, feed summaries) — used for analytics and abuse detection
Monthly credit total (creditsUsed) — your current month-to-date consumption against your tier budget (1,500 credits / month on Advanced, 6,000 on Pro)
Timestamp of last AI request — used solely for per-second rate limiting to prevent abuse
A pricing version (costsVersion) so credits accrued under a given price schedule remain auditable if costs change

We do not store the prompts you send to AI or the responses returned, except as part of the resulting clip (e.g., the AI summary saved alongside your clip). Usage records are deleted when you delete your account.

Local Storage (Your Device)

KopyFeed stores your data locally using your browser's IndexedDB database (version 13). The 12 active stores are:

All captured clips (text, code, URLs, images)
Content hashes for deduplication, and canonical-ID mapping
Custom feeds, feed groups, and layout preferences
Clip-to-feed assignments and per-feed counters
AI-generated metadata (categories, summaries, tags, OCR text)
Feed summaries and pending-summary queues
Sync queue (offline-first; items pending upload)
Retroactive AI processing stats

Your local database is isolated per user account. If you sign in with different accounts, each has a completely separate IndexedDB database (named kopyfeed_user_{clerkId}). Anonymous (free-tier) usage has its own isolated database (kopyfeed). Settings live in chrome.storage.local, a separate extension-specific store.

Local data is managed entirely by your browser and encrypted at the operating system level on platforms that support it. For free-tier users, this data never leaves your device. We cannot access, read, or retrieve your local data.

Cloud Storage (Paid Tiers Only)

Cloud storage is available only to Advanced ($6.99/month) and Pro ($11.99/month) subscribers. When enabled, the following data is synced to our cloud database, powered by Convex:

Clips with AI-generated metadata (categories, summaries, tags, OCR text)
Custom feeds, feed groups, layout configuration, and per-feed AI-filter results
User settings and preferences (theme, capture mode, excluded/allowed sites, sensitive-content controls)
AI usage records (credit balance, per-feature counters — see Usage Metrics)
Generated AI digests, feed summaries, and stored AI-filter evaluation results
Feed-Agent suggestions and your feedback on them (see Activity & Agent Data)
A 1,536-dimensional embeddings table is reserved in our schema for future re-enablement of semantic search; it is currently not populated.

All cloud data is strictly isolated per user. Every database query is scoped to your account via authenticated Clerk session tokens — it is architecturally impossible for one user to access another user's data via the API. Data is encrypted in transit using HTTPS/TLS 1.2 or higher, and encrypted at rest by Convex.

Storage caps: 2 GB on Advanced, 10 GB on Pro. Images are compressed (JPEG 80%) and thumbnailed (600px) before upload to keep within these limits.

AI Data Processing

KopyFeed uses AI to enhance your content with summaries, categories, image descriptions, and more. AI processing works differently depending on your tier:

Free Tier (Local AI Only)

The free tier uses algorithmic categorization that runs entirely on your device in under 10 milliseconds. This assigns categories and tags using pattern matching — no data is sent to any external service.

Paid Tiers (Cloud AI)

Advanced and Pro subscribers can use cloud AI features. AI processing is opt-in: it is gated by a master toggle in Settings → AI → Categorization refinement, plus per-feature toggles for image analysis, link analysis, and YouTube analysis. When you use these features, the following data may be sent to AI providers:

Clip content (text, code snippets)
Clip URL and source-page URL for context
Images (base64-encoded) — for AI description AND OCR. The AI returns a verbatim transcript of every word, number, and symbol visible in the image (up to 50,000 characters). This OCR text becomes part of your clip and is searchable.
YouTube video URLs (for transcript or full-video analysis)
Web-page content extracted from the originating tab at copy time (used for link analysis when the open web doesn't allow server-side fetch — e.g., Reddit, paywalled pages, single-page apps)

Data that is NEVER sent to AI providers:

Content flagged as sensitive (see Sensitive Content Protection)
Your authentication credentials or session tokens
Payment information
Your IndexedDB database contents in bulk

AI Service Provider

All cloud AI is processed by Google's Gemini API. We use two model tiers:

Gemini 2.5 Flash (heavier reasoning) — for image description with OCR, feed summaries, full YouTube video analysis, and digest generation.
Gemini 2.5 Flash-Lite (high-volume, structured) — for categorization, text summarization, link analysis, AI filters, and YouTube transcript analysis.

We use the paid Gemini API tier. Per Google's Gemini API Additional Terms of Service, on the paid tier Google does not use your prompts or responses to improve Google's products or train Google's models. Google may retain prompts and responses for a limited period (up to 30 days, per Google's published documentation) for the sole purpose of abuse detection. Full details are governed by the Gemini API terms linked above and Google's Privacy Policy.

Automated Decision-Making (GDPR Art. 22)

AI features in KopyFeed organize and describe your own content for your benefit — categorization, summarization, image OCR, filtering, feed suggestions. None of these decisions produce legal effects or similarly significant effects on you within the meaning of GDPR Article 22. You can disable AI processing entirely in Settings → AI; algorithmic local categorization continues to work without sending any data to the cloud.

Sensitive Content Protection

KopyFeed automatically detects sensitive content in your clipboard using local pattern matching. The following types are detected entirely on your device:

Generic API keys and tokens (sk_, pk_, api_, key_, token_ prefixes)
AWS access keys (AKIA format)
Private keys (PEM-encoded)
Credit card numbers (Luhn-validated)
US Social Security numbers
GitHub, GitLab, Slack, Google Cloud, npm, Twilio, and SendGrid tokens
JWTs
Database connection strings (MongoDB, PostgreSQL, MySQL, Redis)
High-entropy password-like strings

When sensitive content is detected:

It is masked in the display (partial redaction)
It is never uploaded to cloud storage — verified at the sync layer, before any data leaves your device
It is never sent to AI services for processing
You can enable a 10-minute auto-expiry in Settings → General → Privacy. This is OFF by default to avoid unexpected data loss — when you enable it, sensitive clips delete themselves 10 minutes after capture (the window is configurable).

Additional user controls in the same settings panel:

Sensitive websites — domains whose copies are automatically marked sensitive (e.g., your bank, internal tools)
Sensitive keywords — words/phrases that flag a clip as sensitive
Detector toggles — turn off individual detection patterns if they produce false positives in your workflow
Excluded websites / Allowlist mode — KopyFeed can be told to ignore certain domains entirely (blocklist), or only capture from an explicit list (allowlist mode).

URL caveat: URLs themselves can leak information (session tokens in query strings, magic-link tokens, password reset URLs). KopyFeed stores URLs as you copy them and may send them to AI for link analysis. We recommend adding sensitive sources to the excluded list or using allowlist mode if you frequently handle URLs containing secrets.

Activity & Agent Data

Two AI features observe your usage patterns to power suggestions. Both are opt-in and can be turned off via Settings → Agent → Privacy Mode:

Activity counters — daily totals of clips captured per category and per source domain. Used by the digest and feed-agent to summarize what you saved and suggest new feeds.
Behavioral profile — a JSON blob storing your feedback history on agent suggestions (accept / dismiss / snooze), dismissed-pattern memory (so we don't re-suggest something you rejected), and consecutive-dismissal counters (so we back off gracefully). Syncs cross-device.
Agent telemetry — lifecycle of each suggestion (generated, presented, user action, undo). Aggregated monthly. Used to detect and remove regressions in the agent.

When Privacy Mode is on, the extension skips agent analysis runs locally and the cloud-persistence path is short-circuited server-side — neither activity counters nor agent state are written to the cloud.

KopyNote Shared Backend

KopyNote is a sibling product (an AI-powered notepad) that shares the same Convex backend, Clerk authentication, and Stripe billing as KopyFeed — one account covers both products. If you use only KopyFeed, no KopyNote data is created. If you also use KopyNote, your notes, note-feeds, shares, and chat data live in the same Convex deployment under user-scoped tables (notes, noteFeeds, noteShares, noteChatMessages, etc.). The same per-user isolation guarantees apply.

AI features in KopyNote that are not present in KopyFeed include voice dictation: when you record a voice note in KopyNote, base64-encoded audio is sent to Google's Gemini API for transcription. This applies only to KopyNote users; KopyFeed itself never records or transmits audio.

Browser Extension Permissions

The KopyFeed Chrome extension requests the following permissions. Each is used solely for the stated purpose:

Permission	Why We Need It
`clipboardRead`	Core functionality — reading clipboard content when you copy
`clipboardWrite`	Writing to the clipboard from the side panel (e.g., the "Copy clip" button)
`storage`	Storing your settings and preferences locally
`unlimitedStorage`	Allowing the local IndexedDB to grow beyond Chrome's default quota for users with large clip histories
`cookies`	Managing your authentication session with Clerk
`activeTab`	Detecting the source URL of the page where you copied content, and capturing tab content for link analysis
`scripting`	Injecting content scripts that capture clipboard events
`sidePanel`	Displaying the KopyFeed side panel interface
`notifications`	Alerting you when AI processing completes or when the agent has new suggestions
`contextMenus`	Adding a right-click menu option for manual capture
`offscreen`	Required by Chrome Manifest V3 for clipboard operations
`alarms`	Scheduling background tasks (sync, cleanup, retry queues)

Host Permissions

The extension connects to these domains:

kopyfeed.com, www.kopyfeed.com, *.kopyfeed.com — our web application and custom subdomains
*.convex.cloud — our cloud database (Convex)
*.clerk.accounts.dev — authentication (Clerk)

Content Scripts

Content scripts run on all web pages you visit (<all_urls>), but only to capture clipboard events (copy and cut) and to detect programmatic clipboard writes. These scripts do not read page content (except the active page's text at the moment of a copy event, for link-analysis context), do not track your browsing, do not inject advertisements, and do not modify web pages in any way. A third content script runs only on kopyfeed.com pages, to bridge the extension with the web app.

Sub-processors

We use the following third-party services to operate KopyFeed. Each processes data only as needed to provide its specific function. We will give 30 days' notice via this page if we add new sub-processors; material changes will also be notified by email.

Service	Purpose	Data Shared	Location
Clerk	Authentication	Email, name, OAuth profile, session tokens	US
Convex	Cloud database & serverless functions	Clips, feeds, settings, AI usage (paid tiers only)	US
Stripe	Payment processing & subscription billing	Email, subscription status (card data stays with Stripe)	EU (Stripe Payments Europe Ltd) + US parent
Google (Gemini API)	AI processing (text + vision + audio for KopyNote)	Clip content, source URLs, images, page content — never sensitive	US / global
Cloudflare	Web hosting (Workers) & CDN	Standard web traffic (HTTP headers, IP)	Global edge
Svix	Webhook delivery (Clerk → our backend)	Authentication event payloads only	US

We also use public oEmbed APIs from YouTube, X (Twitter), TikTok, Spotify, Reddit, GitHub, Bluesky, and Vimeo to fetch publicly available metadata (titles, thumbnails, author names) for URLs you copy. These requests contain only the URL and do not require authentication.

Cookies & Tracking

KopyFeed uses minimal cookies, exclusively for authentication:

Clerk session cookies — to maintain your signed-in state across the web application

We do not use:

Advertising or marketing cookies
Analytics tracking cookies or pixels
Cross-site tracking of any kind
Fingerprinting or device identification
Behavioral profiling for advertising

We honor the Global Privacy Control (GPC) signal from your browser as a valid opt-out request under CCPA/CPRA.

The browser extension stores settings using chrome.storage.local and your clips in IndexedDB — extension-specific storage APIs separate from browser cookies.

International Data Transfers

KopyFeed is operated from the European Union (Czech Republic). Our cloud infrastructure and AI providers may process data in the United States and other countries. These transfers are protected by:

EU–US Data Privacy Framework (DPF) for providers that are self-certified under the DPF (where applicable)
Standard Contractual Clauses (2021 Module 2/3) as a fallback transfer mechanism with all sub-processors
Data processing agreements (DPAs) signed with every sub-processor
Encryption in transit (HTTPS / TLS 1.2+) for all data transfers
Provider certifications and compliance frameworks (SOC 2, ISO 27001, PCI-DSS)

Free-tier users: No data transfers occur. All your data stays on your device, in your browser's local storage.

Legal Basis for Processing (GDPR)

Under Article 6 GDPR, we process your personal data on the following legal bases:

Purpose	Data	Legal Basis (Art. 6)
Provide the KopyFeed service (sync, account, dashboard)	Clips, feeds, settings, account profile	(b) Contract
Cloud AI features (summaries, image AI, link analysis, etc.)	Selected clip content (see AI section)	(a) Consent (opt-in toggle) + (b) Contract
Subscription billing and tax compliance	Stripe customer ID, email, subscription status	(b) Contract + (c) Legal obligation (tax law)
Abuse detection, rate limiting, fraud prevention	Request timestamps, usage counters, IP at API boundary	(f) Legitimate interest
Feed-agent suggestions & behavioral profile	Activity counters, dismissal memory	(a) Consent (opt-in; Privacy Mode is the off-switch)
Service improvement, debugging, incident response	Aggregated, non-identifiable telemetry	(f) Legitimate interest

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation:

Right to access — request a copy of the personal data we hold about you
Right to rectification — request correction of inaccurate personal data
Right to erasure — request deletion of your personal data (account deletion cascades to all stored cloud data)
Right to data portability — receive your data in a structured, machine-readable format
Right to restrict processing — request that we limit how we process your data
Right to object — object to processing based on legitimate interests
Right to withdraw consent — at any time, without affecting the lawfulness of prior processing (use the AI off-switch or Privacy Mode toggle, or contact us)
Rights related to automated decision-making — as noted above, KopyFeed's AI features do not produce legal or similarly significant effects on you under Art. 22.

To exercise any of these rights, contact us at support@kopyfeed.com. We verify identity via the email address on file before processing requests and respond within 30 days (extendable by two months for complex requests, with notice).

You also have the right to lodge a complaint with your local data protection supervisory authority. Our lead supervisory authority is the Úřad pro ochranu osobních údajů (ÚOOÚ) in Prague, Czech Republic.

Your Rights Under CCPA / CPRA (California)

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) give you the following rights:

Right to know — what personal information we collect, use, and disclose
Right to delete — request deletion of your personal information
Right to correct — request correction of inaccurate personal information
Right to opt-out of sale/share — we do not sell or share your personal information to third parties for cross-context behavioral advertising
Right to limit use of Sensitive Personal Information (SPI) — see below
Right to non-discrimination — exercising privacy rights will not affect your service quality or pricing

Categories of Personal Information Collected (CCPA §1798.140)

Identifiers — email, name, Clerk user ID, Stripe customer ID
Internet or other electronic network activity — clipboard content, source URLs, content captured at copy time
Commercial information — subscription tier and status
Inferences — AI-generated categories, summaries, keywords, OCR transcripts derived from your clips
Geolocation (approximate) — derived from IP at request time for routing; not stored persistently

We do not collect biometric data, precise geolocation, or protected-class characteristics.

Sensitive Personal Information (SPI)

Because clipboard content is freeform, it can sometimes contain SPI under the CPRA definition (account credentials, government IDs, financial information, contents of messages). KopyFeed's controls minimize this:

On-device sensitive-content auto-detection (see Sensitive Content Protection) blocks known credential patterns from being synced to the cloud or sent to AI.
The excluded-websites and allowlist mode features let you scope capture to specific domains, which serves as your "right to limit use of SPI" control.
We do not use SPI for any purpose other than providing the service (storing and organizing your clips for your own use).

To exercise any CCPA/CPRA right, contact us at support@kopyfeed.com. We verify your identity through the Clerk account email before processing requests. We respond within 45 days as required by law (extendable by 45 days with notice). You may use an authorized agent by providing signed permission; we may still verify directly with you.

Data Retention

Data Type	Retention
Local data (IndexedDB)	Entirely under your control — no forced deletion
Cloud clips	Until you delete them. Optional auto-delete after 7, 14, 30, or 90 days is available in Settings → Data; default is "never".
Soft-deleted clips and feeds (tombstones)	Retained for 30 days after deletion so other devices can sync the deletion, then permanently purged by a weekly cleanup job
Sensitive content	Auto-expiry is OFF by default. When enabled by the user, sensitive clips delete after 10 minutes (window configurable). Sensitive clips never reach the cloud regardless.
AI usage records (credits, counters)	Deleted when you delete your account
Agent suggestions and behavioral profile	Deleted when you delete your account or turn on Privacy Mode
Account data (profile, settings)	Until you delete your account
Billing records (invoices, Stripe customer ID)	Retained as required by Czech accounting law (Zákon o účetnictví §31 — up to 10 years for invoice records), independent of account deletion
Abuse / rate-limit logs	≤ 90 days, then automatically purged

Account deletion cascades across all cloud data: clips, feeds, feed groups, settings, AI usage records, subscriptions, sync state, agent suggestions, and any other associated data — except where retention is required by law (e.g., billing records under tax law). Your local data in IndexedDB is not affected by account deletion — you control it independently through your browser.

Data Security

We implement multiple layers of security to protect your data:

Encryption in transit — all data transfers use HTTPS / TLS 1.2 or higher. HTTP Strict Transport Security (HSTS) is enabled.
Encryption at rest — cloud data is encrypted at rest by our infrastructure provider (Convex).
Content Security Policy — strict CSP headers prevent unauthorized code execution on our web application.
Per-user database isolation — both locally (separate IndexedDB per signed-in account) and in the cloud (every query is scoped to the authenticated user's ID).
Content hashing — SHA-256 hashing for deduplication.
Rate limiting — 500 ms minimum between clipboard captures; per-second server-side rate limits on AI actions.
Origin validation — the extension only communicates with whitelisted domains (kopyfeed.com, localhost for development).
Session nonce — cryptographic nonce prevents replay attacks on extension-to-web-app communication.
Webhook signature verification — all inbound webhooks (Clerk via Svix, Stripe) are authenticated via HMAC signature verification on every request; invalid-signature requests are rejected.
Authentication tokens — issued by Clerk, short-lived, and stored in the extension's session-isolated storage; never transmitted to third parties other than our own backend.

While we take reasonable measures to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

Data Breach Notification

In the event of a personal data breach that affects your data:

We will notify the ÚOOÚ (or other relevant supervisory authority) within 72 hours of becoming aware, in accordance with GDPR Article 33.
Where the breach is likely to result in a high risk to your rights and freedoms (e.g., exposure of clipboard content, account credentials, or payment information), we will notify you directly without undue delay via the email on file, in accordance with GDPR Article 34. The notification will describe the nature of the breach, the categories and approximate number of records affected, the likely consequences, and the measures we are taking.
We comply with applicable US state breach notification laws where users reside.

Children's Privacy

KopyFeed is not directed to children. You must be at least 16 years old to use the service. In jurisdictions with a lower digital age of consent, you must meet that age. In the United States, we do not knowingly collect personal information from children under 13 (COPPA). If we learn we have collected data from a child below the applicable age, we will promptly delete that information. If you believe a child has provided us with personal data, please contact us at support@kopyfeed.com.

We do not target advertising to anyone, do not build behavioral profiles for advertising, and do not engage in any processing that would meet the COPPA definition of personal information collection from a child.

Changes to This Policy

We may update this Privacy Policy from time to time. For material changes (anything that expands what we collect, changes how AI processes your data, or affects your rights), we will notify registered users via email at least 30 days before the change takes effect, and post a banner in the web app and extension. The updated policy will be posted at this URL with a new "Last updated" date. Editorial fixes (typos, broken links) do not trigger notification.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Email: support@kopyfeed.com
Contact page: kopyfeed.com/contact

For GDPR-related requests, we respond within 30 days (extendable by two months for complex requests, with notice). For CCPA-related requests, we respond within 45 days (extendable by 45 days, with notice) as required by law.

Privacy Policy