Privacy Policy

Tabgrove is local-first. Everything you save stays in your browser unless you explicitly sign in for cloud sync. We don't sell data, we don't run ads, we don't track you across the web.

Tabgrove is operated as a sole proprietorship by Andrii Shcherbiak, al. 3 Maja 51B, Kraków, Poland. For any privacy-related request, write to [email protected].

• Items you save. Title, URL, favicon, intent notes, scheduled dates, and the space you place them in. Collected only when you explicitly trigger the save popup (Cmd/Ctrl+Shift+S).
• Spaces you create. Name, color, icon.
• Preferences. Your display name (optional), theme choice, pinned shortcuts.
• Screenshots. Only when you manually capture them. Full-tab or region-select; never automatic.
• Account data (signed-in users only). Email address from Google sign-in and subscription tier.

We collect email addresses via a waitlist form on this site for upcoming feature announcements (e.g. Tabgrove Pro). This data is processed separately from the extension:

• Purpose: sending a single notification when the announced feature launches.
• Legal basis: your explicit consent (GDPR Art. 6(1)(a)), given via the checkbox on the form.
• Data stored: email address, timestamp, and consent version.
• Retention: your email is deleted within 30 days after the launch notification is sent. If you withdraw consent before launch, we delete it within 14 days.
• Withdrawal: you can withdraw consent at any time by emailing [email protected]. Withdrawal is as easy as giving consent — one email and we remove your address.

• Your general browsing history or activity.
• Page contents outside what you explicitly save.
• Keystrokes, mouse movements, or any behavioral telemetry.
• Analytics events — no Google Analytics, no Mixpanel, nothing.
• Advertising or ad-network data. There are no ads.

• Consent (Art. 6(1)(a)) — the pre-launch waitlist: you actively opt in by checking the consent box. You can withdraw at any time by emailing support.
• Contract (Art. 6(1)(b)) — processing necessary to provide the service you signed up for: storing your items and providing cloud sync for signed-in users.
• Legitimate interest (Art. 6(1)(f)) — keeping the service secure (e.g. abuse detection on sign-in flows) and responding to your support requests.
• Legal obligation (Art. 6(1)(c)) — compliance with applicable legal and regulatory requirements.

We do not rely on consent-based tracking because Tabgrove does not track you.

Tabgrove can surface your most-visited sites as one-click shortcuts on the home view. This is opt-in: the permission is requested on-demand, only when you enable the feature in Settings. Data from chrome.history is read and rendered locally — it never leaves your device.

• Without sign-in: chrome.storage.sync — Chrome's built-in encrypted storage. Syncs across your own Chrome profiles via your Google account. 100KB limit.
• With sign-in: Supabase Postgres + Supabase Storage, both TLS-encrypted in transit and at rest. Accessible only with your authenticated session. Row-level security ensures you can only read and modify your own data.

When you sign in, the following processors handle your data on our behalf. Each operates under its own published data processing terms, which we have accepted, and processes data only as needed to provide its service:

• Supabase (Supabase Inc., US) — authenticated database, storage, and edge functions. See supabase.com/privacy.
• Google (Google LLC, US) — OAuth sign-in (email + profile claims only). See policies.google.com/privacy.
• Vercel (Vercel, Inc., US) — hosting for this marketing site. Receives standard HTTP access logs. See vercel.com/legal/privacy-policy.
• Cloudflare (Cloudflare, Inc., US) — DNS and edge CDN for tabgrove.com. Processes request metadata. See cloudflare.com/privacypolicy.
• ImprovMX (PMXmail SARL, France) — inbound email forwarding for[email protected]. See improvmx.com/privacy.

Our subprocessors are primarily based in the United States. Where your personal data is transferred outside the European Economic Area or the United Kingdom, the transfer is protected by the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or equivalent safeguards as required by applicable law.

• Without sign-in: data lives in your browser until you delete it or uninstall the extension. Tabgrove has no server-side copy.
• With sign-in: account data is retained for as long as your account is active. On deletion request we remove your database records and storage files within 30 days.
• Support email: threads are retained for up to 2 years for context; we delete on request.

Under the GDPR (EU/UK) and CCPA (California), you have the following rights. To exercise any of them, email [email protected] from the address associated with your account. We respond within 30 days.

• Access. Everything you've saved is visible in the extension. On request we provide a machine-readable copy of any Pro account data we hold.
• Erasure ("right to be forgotten"). Free users can uninstall the extension to erase local data. Pro users can request full account deletion; we remove database records and storage files within 30 days.
• Portability. Pro users can request a CSV or JSON export of their items via support email. Native in-app export is on the roadmap.
• Rectification. All user-editable fields are directly modifiable inside the extension. Email us for anything else.
• Objection / restriction. You can object to or restrict processing at any time; in practice this means cancelling your Pro subscription and/or requesting deletion.
• Complaint. You have the right to lodge a complaint with your local data protection authority. For Poland, this is the Urząd Ochrony Danych Osobowych (UODO) — uodo.gov.pl. EU/EEA residents may also contact their own national supervisory authority.

We do not sell or share your personal information within the meaning of California's Consumer Privacy Act. We have never done so and have no plans to. The categories of personal information we collect are listed under "Data Tabgrove collects" above. You retain the right to know, delete, and opt out of any future sale (which would never happen without your explicit consent and an updated policy).

Tabgrove is not intended for users under 13. We don't knowingly collect data from children. If you believe a child has provided us data, contact [email protected] and we'll remove it.

Pro data is served over TLS and encrypted at rest in Supabase. Database access is gated by row-level security policies that restrict each user to their own rows. Access to operational systems is limited to the solo operator and uses hardware-backed MFA. In the event of a data breach affecting your personal data, we will notify you and relevant authorities as required by applicable law (within 72 hours under the GDPR).

This site does not use tracking or analytics cookies. Cloudflare, our CDN and security provider, may set a cookie named __cf_bm on your browser as part of its bot management service. This cookie is strictly necessary for the security of the site, expires within 30 minutes, and does not track you across other websites. No prior consent is required for strictly necessary cookies under the ePrivacy Directive. For details, see Cloudflare's privacy policy.

Material changes will be announced via the extension and this page's "Last updated" date. Continued use after changes constitutes acceptance.

Questions, requests, or concerns: [email protected]