Last updated: 2026-04-24
Effective date: 2026-04-24
Purpose
Daneel AI Chrome Extension is a private AI reading and research assistant for the web pages, websites, and local documents the User chooses to engage with. Every feature in the extension is an implementation of that single purpose: helping the User understand content they have already decided to read.
All design decisions in Daneel flow from this purpose. Daneel reads, fetches, or processes content only in response to an explicit User action — asking a question about the current page, importing a document into a vault, or starting a site index.
Privacy summary
Daneel runs AI inference inside the User's browser or against backends the User configures. Prompts, AI responses, indexed website content, and local document contents stay on the User's device.
The only personal data we store on our servers is payment and license-related: a purchase record and a per-license activation counter. Details are in section 3.
We do not sell User data and do not train AI models on User content.
Table of contents
- 1. Who we are
- 2. Scope of this policy
- 3. Information collected — and what is not
- 4. How data flows
- 5. Chrome extension permissions
- 6. Third-party services (sub-processors)
- 7. Data storage and security
- 8. Data sharing and sale
- 9. International data transfers
- 10. User rights
- 11. Children's privacy
- 12. Changes to this policy
- 13. Contact
- 14. Chrome Web Store Limited Use disclosure
1. Who we are
Daneel AI is developed and operated by WAEBS, a French company trading under the Injen.io brand.
- Legal entity: WAEBS
- SIREN: 431 946 532
- SIRET: 431 946 532 00071
- European VAT number: FR21 431 946 532
- Registered address: 131 Boulevard Pereire, 75017 Paris, France
- Legal representative: Julien Borrel
- Official public registry entry (France): annuaire-entreprises.data.gouv.fr
- Company website: injen.io
- Privacy contact: think+daneel-privacy@injen.io
WAEBS is the data controller within the meaning of the EU General Data Protection Regulation (GDPR) for the personal data processed in connection with Daneel AI.
For EU residents, the lead supervisory authority is the French data protection authority (CNIL, cnil.fr).
2. Scope of this policy
This policy covers:
- The Daneel AI Chrome extension (Chrome Web Store ID:
ebmjckdkmojgnbhnnindennabonbnogp) - The Daneel purchase and license-activation flow (Stripe Checkout, the
/api/*backend endpoints ondaneel.injen.io, and the Supabase database that stores license records) - Emails sent to WAEBS contact addresses (e.g.
think+daneel-privacy@injen.io)
This policy does not cover:
- The LLM backends the User configures (Azure OpenAI, a self-hosted Ollama server, Claude API, Chrome's built-in Gemini Nano, etc.). Each of these is operated by a separate provider or by the User, and each has its own privacy terms.
- Stripe's handling of payment card details. Card numbers, CVV, expiry, and billing address entered into Stripe Checkout are governed by Stripe's privacy policy. WAEBS never sees that information.
- Supabase's infrastructure-level data handling, governed by Supabase's privacy policy.
- Google Chrome itself and its browser-level data practices, governed by Google's policies.
- Websites the User visits through the browser.
3. Information collected — and what is not
3.1. What is NOT collected
WAEBS does not collect, transmit, or retain on its servers any of the following:
- Conversation content — the User's prompts, the AI's responses, and the context of chats
- The text of queries typed into Daneel
- Indexed website content (this stays in the User's browser
IndexedDB/chrome.storage.local) - Local document contents imported into a vault (these stay on the User's device)
- Browsing history
- Cookies from sites the User visits
- Form data from sites the User visits
- Keystrokes outside of Daneel's own UI
- Screenshots
- Full payment card details — card numbers, CVV, expiry, and billing address are handled entirely by Stripe's hosted Checkout; WAEBS never sees them
- Precise geolocation (GPS coordinates, street-level location)
- Any Daneel user account — there is no sign-in to Daneel itself
3.2. What is collected or processed
A. Payment and purchase records (at the time of a Daneel Pro purchase)
Data stored:
- Email address
- Payment status (succeeded, failed, refunded)
- Stripe session ID, customer ID, and payment intent ID
- Purchase timestamp
- License key issued (
DAN-XXXX-XXXX-XXXXformat) - Plan tier (
paidorsponsor) - Amount and currency
- Billing country (for tax compliance)
- Feature flags associated with the license
- Revocation status
Source of the data:
Stripe's hosted Checkout page. Once a payment succeeds, Stripe sends a webhook to the Daneel backend (POST /api/webhook/stripe) with the fields listed above.
Where the data is stored:
A row in a Supabase (PostgreSQL) database, hosted in Supabase's EU West (Ireland, eu-west-1) region. Access is restricted to WAEBS administrators through authenticated Supabase service credentials.
Purpose:
- To issue a valid license key to the paying customer
- To provide billing support (refunds, disputes, receipts)
- To comply with French and EU tax and accounting obligations
- To detect and prevent payment fraud
Retention:
Retained for as long as the license is active, plus the minimum period required by French tax and accounting law — typically ten years — after which records are anonymised or deleted.
Legal basis (GDPR):
- Art. 6(1)(b) — performance of contract (to issue and support the purchased licence)
- Art. 6(1)(c) — legal obligation (French tax and accounting retention)
- Art. 6(1)(f) — legitimate interest (fraud prevention)
B. License-key activation counter
Data stored:
Each license key has an activation_count integer and a last_activated_at timestamp. Every time a device calls the Daneel backend to unlock Daneel with that key, the counter is incremented by one and the timestamp is updated.
Data NOT stored alongside the counter:
The IP address of the activating device, the device fingerprint, the operating system, the hostname, the browser fingerprint, and any other identifier tied to the machine are not recorded. Only the running count and the timestamp of the most recent activation.
Source of the data:
The Daneel extension contacts the /api/activate endpoint when a User enters a license key.
Where the data is stored:
The same Supabase database row as the license itself, keyed by the license key.
Purpose:
License keys are sold per User. A counter that climbs far beyond the number of seats purchased indicates the key is being shared or leaked in violation of the license terms. This is a license-enforcement signal, not a user-tracking mechanism.
Retention:
Retained for the lifetime of the license. Reset or deleted when the license is revoked or refunded.
Legal basis (GDPR):
Art. 6(1)(f) — legitimate interest (protecting the integrity of a paid product against unauthorised sharing).
C. License validation requests
Data processed:
When the extension calls the /api/activate or /api/refresh endpoint, it transmits the license key and a product version string. As with any HTTP request, standard network metadata (source IP, timestamp, user-agent header) is observable at the edge and may be retained in operational logs for a short window (typically 30 days) for abuse mitigation and debugging, after which logs are rotated or deleted.
Retention:
- Operational edge logs: 30 days maximum, then rotated.
- Validation outcome (success/failure linked to the license): retained with the license record.
Legal basis (GDPR):
- Art. 6(1)(b) — performance of contract (validation is part of serving the purchased license)
- Art. 6(1)(f) — legitimate interest (abuse prevention, service reliability)
D. Extension update pings
When Chrome automatically updates Daneel from the Chrome Web Store, it pings Google's update servers. This is handled entirely by Google Chrome and the Chrome Web Store, not by WAEBS. It is governed by Google's privacy policy.
E. Anonymous product analytics
Daneel ships with optional, anonymous product analytics that help WAEBS understand which features are used and catch regressions. This is enabled by default and can be turned off at any time in Settings → Privacy → Telemetry.
Transport: Google Analytics 4 (GA4). Events are sent from the extension's service worker directly to Google's endpoint, not via WAEBS servers. Google acts as a data processor for this data.
What is sent in each event:
- An event name from a fixed catalog (for example
chat,search,vault_create,install,provider_switch,model_load,license_set,data_export) — never a free-form string. - Typed, non-identifying properties such as the name of the LLM provider in use (
webgpu,ollama,claude,gemini-nano), the number of pages crawled, or a duration in milliseconds. No prompts, no responses, no URLs, no document content. - Common device properties: extension version, browser name and version, operating system and architecture, screen resolution, language, and IANA timezone.
- Approximate geography (country, region, city) derived from the browser timezone — no external IP lookup is performed by default. Users may opt in separately to a more accurate IP-based geolocation in Settings → Privacy (the
ipGeoEnabledtoggle, off by default), which makes a single HTTP call toipapi.coon service-worker startup. - A randomly generated client ID stored in
chrome.storage.local. It is not linked to the User's email, license key, or any other identifier.
What is never sent:
Conversation text, prompts, AI responses, URLs of pages the User visits, document content, file names, or any error messages that could contain user text. Telemetry payloads contain only enumerated event names, booleans, integers, and durations.
How to disable:
Open Daneel → Settings → Privacy → turn off "Anonymous product analytics". No event is sent after the toggle is off.
Legal basis (GDPR):
Art. 6(1)(f) — legitimate interest in improving the product. This interest is balanced against User rights by (a) making the data non-identifying, (b) providing a clear opt-out, and (c) not linking telemetry events to any license record.
WAEBS does not use crash reporting services (e.g. Sentry, Bugsnag). Errors surface in the extension's own UI and in the browser's developer console; they are not transmitted to WAEBS.
F. Correspondence
When a User emails WAEBS (for example at think+daneel-privacy@injen.io or a support address), WAEBS retains the message, the email address, and its responses as long as necessary to resolve the query and for a reasonable follow-up window afterwards.
4. How data flows
4.1. AI content flow , primary Daneel usage
A question is typed into Daneel
↓
The Daneel extension (running inside the User's browser)
↓
The LLM backend the User chose:
• WebGPU (100% in-browser, no network at all)
• Chrome Built-in Gemini Nano (Chrome ships the model locally)
• A self-hosted Ollama server (typically localhost)
• An Azure OpenAI deployment operated by the User
• Anthropic Claude API (with the User's own API key)
↓
The response streams back to the extension
↓
Stored in the browser's IndexedDB / chrome.storage.local,
on the User's device onlyWAEBS never appears in this flow. There is no proxy, no relay, no mirror, no sampling point. WAEBS could not read the User's prompts or responses even if it wanted to, because they are never sent to WAEBS.
4.2. Payment and licensing flow (one-time, at purchase)
User clicks "Buy Pro" on daneel.injen.io
↓
Redirect to Stripe Checkout (hosted by Stripe)
↓
Card details entered on Stripe's servers
(WAEBS never sees the card)
↓
Stripe webhook → POST /api/webhook/stripe (Daneel backend)
↓
Row inserted into Supabase:
{ email, stripe_customer_id, license_key, plan,
amount, currency, country, status, timestamps }
↓
License key is delivered to the purchasing email via Resend,
and also shown on the /api/success page in the browser
so the User can copy it into the extension4.3. License validation flow (on activation and periodic refresh)
User pastes the license key in Daneel's Settings → License
↓
Extension → POST /api/activate on daneel.injen.io (HTTPS)
↓
Daneel backend:
• Looks up the key in Supabase
• Verifies it is not revoked
• Increments activation_count, updates last_activated_at
• Signs a 7-day ES256 JWT containing plan + feature flags
↓
JWT returned to the extension, cached locally,
and verified offline using a public key bundled
in the extensionThe JWT is refreshed in the background before expiry via POST /api/refresh. No user content is part of these requests — only the license key and a product version string.
5. Chrome extension permissions
Daneel declares the following permissions in its manifest.json. Each one is listed here with its purpose and what it does not do.
activeTab
- Purpose: Read the current page's DOM so the User can ask questions about it (Page Q&A mode).
- Scope: Granted only for the tab the User interacts with, only while the User interacts with it.
- What Daneel does: Extract the page's visible text on demand to include it as context for the LLM backend the User chose.
- What Daneel does not do: Continuously monitor the tab, capture screenshots, log keystrokes, or read forms that have not been submitted.
storage and unlimitedStorage
- Purpose: Persist the User's settings, conversations, local vaults, indexed website chunks, knowledge graphs, and downloaded local AI models.
- Scope: Purely local. Data is stored in
chrome.storage.localandIndexedDBon the User's device.unlimitedStorageis needed because AI models and vector indexes can exceed Chrome's default quota. - What Daneel does: Read and write data the User generated inside Daneel.
- What Daneel does not do: Send the contents of local storage anywhere. Settings and conversations are not synced to WAEBS servers.
scripting
- Purpose: Inject Daneel's widget overlay (the small launcher button and panel) into web pages the User visits.
- Scope: Only Daneel's own widget scripts, loaded from the extension bundle — never arbitrary code.
- What Daneel does not do: Inject scripts into pages for tracking, ad injection, affiliate hijacking, or any other purpose.
tabs
- Purpose: Open internal extension pages (the Vault tab, the onboarding flow, the Stripe checkout success page), coordinate widget state across tabs of the same site, and target the correct tab when activating a license.
- What Daneel does: Query metadata (URL, title) of tabs that need to be coordinated with.
- What Daneel does not do: Inventory the User's open tabs, record browsing history, or transmit tab data off the device.
identity
- Purpose: Drive the OAuth 2.0 + PKCE login flow for third-party services the User chooses to connect (for example Stripe, Vercel, Cloudflare via the Model Context Protocol). Uses Chrome's
chrome.identity.launchWebAuthFlow. - Scope: Invoked only when the User clicks "Connect" on a service card in Settings.
- What Daneel does not do: Authenticate the User to a WAEBS backend — there is no Daneel user account system. WAEBS never sees the OAuth tokens: they are stored in the User's browser and sent only to the service the User authorised.
webNavigation
- Purpose: Used for two User-initiated flows:
- Detect Single-Page Application (SPA) navigation events on pages where the widget is active (for example YouTube navigating between videos without a full page load) so the widget can refresh its state (for example re-extract the new video's transcript).
- Capture the redirect URI that completes an OAuth flow when the User connects a third-party service (e.g. an MCP server). Daneel listens for that redirect only in the tab it opened for the auth flow, and closes that tab as soon as the redirect is observed.
- What Daneel does not do: Record a history of pages the User visits. Navigation events are consumed in memory and not stored.
declarativeNetRequest
- Purpose: Remove the
OriginHTTP header onPOSTrequests the extension makes to certain third-party services that reject cross-origin preflight requests from browser extensions. This is the Manifest V3-compliant way to handle that constraint. - Scope: Applied only to extension-originated requests to services the User has registered.
- What Daneel does not do: Block ads, filter trackers, rewrite URLs, or modify any traffic that Daneel did not initiate itself.
alarms
- Purpose: Schedule a heartbeat (roughly every minute) so the background service worker can resume long-running tasks the User has started (site crawl, vault indexing, knowledge-graph build, data export, data import) after Chrome's Manifest V3 eviction of idle service workers.
- What Daneel does not do: Use alarms for standalone background operations. The alarm handler only resumes tasks the User has explicitly initiated; it does not start new work on its own.
notifications
- Purpose: Show native operating-system toast notifications when long-running background tasks reach a milestone (start, complete, failed, cancelled). Can be disabled in Settings → Notifications.
- What Daneel does: Render a toast such as
Indexing > site > example.com > Complete. No content of the task — no URL titles, no query text — is included. - What Daneel does not do: Use notifications for marketing, re-engagement, or upsell.
host_permissions: <all_urls>
- Purpose: Allow the Daneel widget to run on any website so the User can ask questions about the current page (Page Q&A) or index a site for later search (Site RAG).
- Scope: Daneel reads web page content only in response to an explicit User action: asking a question about the current page, or starting a site index. Once the User starts a site index, Daneel continues crawling that site's pages in the background service worker until the crawl is complete or the User cancels it — this is the continuation of the action the User started. Daneel does not read pages on sites where no indexing task has been started.
- What Daneel does not do: Crawl the open web without User initiation, build a profile of the User's browsing, or transmit page content to WAEBS servers.
6. Third-party services (sub-processors)
The following processors may receive or store data on behalf of WAEBS, each strictly for the operational purpose listed:
| Processor | What they do | Data they receive | Their policy |
|---|---|---|---|
| Stripe, Inc. (US) | Payment processing, Checkout UI, and the automatic payment receipt email sent to the purchasing email address | Email, card details (entered directly by the User), billing country, amount, currency | stripe.com/privacy |
| Supabase, Inc. (US; data hosted in EU West / Ireland) | Database (PostgreSQL) and backend hosting | Purchase records, license keys, activation counters | supabase.com/privacy |
| Vercel, Inc. (US; EU regions available) | Hosting the Daneel backend serverless endpoints and the public marketing site | Standard HTTP request metadata (IP, user-agent, timestamp) handled at the edge for routing and abuse-mitigation | vercel.com/legal/privacy-policy |
Resend (Ireland, EU West / eu-west-1) |
Transactional email delivery. Daneel sends the license-key confirmation email from noreply@daneel.injen.io via Resend after a successful purchase |
The purchasing email address, the license key, and the email body | resend.com/legal/privacy-policy |
| Google LLC (Chrome Web Store) | Extension distribution and automatic updates | Standard Chrome Web Store update telemetry, handled by Google | policies.google.com/privacy |
| Google Analytics 4 (Google LLC) | Optional anonymous product analytics (enabled by default, can be turned off in Settings → Privacy) | Event names from a fixed catalog, device/browser properties, timezone-derived coarse geography | policies.google.com/privacy |
| ipapi.co | Used only if the User opts in to IP-based geography enrichment (ipGeoEnabled toggle, off by default). A single HTTP call on service-worker startup |
The User's IP address (as part of any HTTP request) | ipapi.co/privacy |
| LLM backends the User configures | AI inference | The User's prompts and context, as the User chooses. Not WAEBS sub-processors — the User picks and controls them | Each provider's own terms |
7. Data storage and security
AI content and user data.
Lives entirely inside the User's browser (IndexedDB, chrome.storage.local) or on infrastructure the User or the User's employer operates (a self-hosted Ollama server, an Azure OpenAI tenant). WAEBS has no access.
Payment and license data.
Lives in the Daneel Supabase (PostgreSQL) database, in the EU West (Ireland) region. Encrypted at rest by Supabase. Access is restricted to WAEBS administrators via authenticated service credentials. Row-level security policies are applied on the server-side API layer.
Transit.
All network calls from the extension to the daneel.injen.io endpoints use HTTPS / TLS 1.2 or higher.
Retention.
- AI content, vaults, conversations, knowledge graphs — persist in the User's browser until the User deletes them from Daneel's UI or clears the browser's site data.
- Payment and license data — retained as described in §3.2.A.
- Operational logs — 30 days maximum.
- Telemetry (for Users who have not opted out) — retained by Google Analytics for up to 14 months (GA4's default).
Breach notification. In the event of a data breach affecting the Supabase records, WAEBS will notify affected Users by email within 72 hours of becoming aware of the breach, consistent with GDPR Articles 33 and 34, and notify the CNIL as required.
8. Data sharing and sale
- WAEBS does not sell personal information.
- WAEBS does not share personal information with advertisers, data brokers, or analytics vendors other than the processors listed in §6, and those only for the operational purposes described.
- WAEBS does not train AI models on User data — WAEBS has no access to User conversations in the first place.
- WAEBS may disclose data if compelled by a lawful request (subpoena, court order, or binding regulatory order), in which case it will notify the affected User to the extent legally permitted.
9. International data transfers
Stripe and Vercel are US-headquartered companies. Supabase is US-headquartered but offers regional data residency; Daneel's Supabase project uses the EU West (Ireland, eu-west-1) region, so license and payment records are primarily stored inside the EU. Resend is headquartered in Ireland and its infrastructure used for Daneel runs in the eu-west-1 region. Standard cross-border support and operations may still involve incidental access from outside the EU.
Where personal data is transferred to the United States or to any country that does not have an EU Commission adequacy decision, WAEBS relies on:
- Standard Contractual Clauses (SCCs) executed by each processor, and/or
- The EU–US Data Privacy Framework where the processor is certified.
Stripe and Supabase both publish SCC-backed Data Processing Addenda.
10. User rights
10.1. Users in the European Union, European Economic Area, United Kingdom, or Switzerland (GDPR / UK GDPR / Swiss FADP)
Users have the right to:
- Access (Art. 15) — request a copy of the personal data held about them
- Rectification (Art. 16) — have inaccurate data corrected
- Erasure (Art. 17) — have their data deleted, subject to tax-retention obligations that may require WAEBS to keep certain purchase records for the statutory period (ten years)
- Restriction (Art. 18) — ask WAEBS to stop processing in specific situations
- Portability (Art. 20) — receive the data they provided in a structured, commonly used, machine-readable format
- Object (Art. 21) — object to processing based on legitimate interest
- Withdraw consent at any time where processing is based on consent
- Lodge a complaint with the relevant national data protection authority. For France, this is the CNIL (cnil.fr)
To exercise these rights, Users may email think+daneel-privacy@injen.io from the address associated with the purchase. WAEBS responds within 30 days.
10.2. California residents (CCPA / CPRA)
California residents have the right to:
- Know what personal information has been collected about them
- Delete their personal information, subject to the tax-retention exception above
- Correct inaccurate personal information
- Opt out of sale or sharing of personal information — not applicable, because WAEBS does not sell or share personal information
- Non-discrimination for exercising any of these rights
To exercise these rights, California residents may email think+daneel-privacy@injen.io.
10.3. Other jurisdictions
Residents of Brazil (LGPD), Canada (PIPEDA), and other jurisdictions with equivalent frameworks may exercise analogous rights by contacting WAEBS at the same address.
11. Children's privacy
Daneel AI is not directed at children. WAEBS does not knowingly collect personal data from anyone under 13 (United States, COPPA) or, where applicable, under 16 (European Union). If WAEBS becomes aware that it has inadvertently collected data from a minor, it will delete that data promptly. Guardians who believe their child has provided personal data may contact think+daneel-privacy@injen.io.
12. Changes to this policy
- Changes are reflected by updating the Last updated date at the top of this page.
- Material changes — for example, adding a new sub-processor, changing the region in which data is stored, or adding a new category of data collected — will also be announced in the extension's release notes and in the News section inside Daneel.
- Continued use of Daneel after a material change constitutes acceptance of the updated policy.
13. Contact
For any question, request, or complaint about this policy or a User's personal data:
Postal mail:
WAEBS — Daneel AI Privacy 131 Boulevard Pereire 75017 Paris France
Response SLA: WAEBS responds within 30 days.
14. Chrome Web Store Limited Use disclosure
Daneel AI's use and transfer of information received from Google APIs to any other app will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
Daneel AI does not currently use Google OAuth or any Google user-data API. If that ever changes, the following additional Limited Use language applies, verbatim:
Daneel AI's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
This page is served as both HTML and Markdown at the same URL. The .md version is intended for automated processing and AI crawlers and is linguistically identical to the rendered page.