Privacy Policy

Welcome to Manifest! This Privacy Policy explains how we collect, use, disclose, and protect information when you use our browser extension, web application, and related services (the “Service”). By using the Service, you agree to this Policy.

1) Information We Collect

Account & Profile: When you sign up, we may collect your email, a hashed password, and optional profile details. If you subscribe to paid features, billing details are handled by our payment provider (e.g., Stripe).

Construct Data: You can create and save “Constructs” (e.g., layouts, tabs, themes, notes, rules). Constructs may be stored locally in your browser extension and/or, if you enable sync, on our servers. We do not collect the contents of third-party web pages you visit unless you explicitly save that content into a Construct.

Payments: Manifest uses third-party providers like Stripe to process subscriptions. Sensitive payment details are sent directly to Stripe and never stored by Manifest. We receive non-sensitive metadata (e.g., subscription ID, billing status) to operate your account.

Device, Cookies & Usage: The web app may use cookies or similar identifiers for authentication and basic analytics. The extension uses browser storage and may send minimal telemetry (e.g., feature usage counts) only if you opt-in where required. See our Cookie Policy.

2) How We Use Information

• Provide and operate the Service (store/sync Constructs, manage accounts).
• Maintain security, prevent fraud/abuse, and troubleshoot issues.
• Communicate about accounts, subscriptions, updates, and support.
• Improve features and performance through analytics and research.
• Comply with legal obligations and enforce our Terms of Use.

3) How We Share Information

With Service Providers: Hosting, analytics, email delivery, and payment processing (e.g., Stripe). Providers are bound to use your data only to perform services for us.

With Other Users: If you choose to publish or share a Construct, the name, description, and contents of that Construct may be visible to others according to your sharing settings.

For Legal/Compliance: We may disclose information if required by law, regulation, legal process, or to protect rights, safety, and integrity of users and the Service.

No Selling of Personal Data: We do not sell your personal information.

4) Cookies & Similar Technologies

We use essential cookies for authentication and session management, and functional/analytics cookies to improve experience. Manage preferences via your browser and see our Cookie Policy.

5) Data Retention

We retain account and Construct data for as long as needed to provide the Service and for legitimate business or legal purposes. We delete or anonymize data when it is no longer required.

6) Security

We use administrative, technical, and organizational measures to protect information. However, no method of transmission or storage is 100% secure. Keep your password confidential and use a strong, unique passphrase.

7) Your Choices & Rights

You can update account details in your settings or contact us for access, correction, deletion, or portability where applicable by law. Some data (e.g., billing or audit records) may be retained as required.

8) International Transfers

We may process data in countries other than where you live. Where required, we use appropriate safeguards for cross-border transfers.

9) Children’s Privacy

Manifest is not directed to children under 13 (or other age as defined by local law). If you believe a child has provided us personal information, please contact us to request deletion.

10) Changes to This Policy

We may update this Policy from time to time. We’ll revise the “Last Updated” date above and, when appropriate, provide additional notice.

11) Extension-Specific Privacy Addendum

Permissions Transparency: The extension only requests the permissions needed for declared features (e.g., reading tab metadata, managing windows, applying allow/deny rules). We do not capture keystrokes, passwords, or page contents by default.

Local-Only by Default: Notes and settings created in the extension may remain local to your device. When you enable sync, we process and store your Construct data to provide cross-device functionality.

Telemetry: If enabled, we may collect privacy-respecting, aggregate metrics (e.g., number of Constructs, feature toggles, non-content error logs) to improve reliability. You can disable telemetry in settings.

Deletion: You can remove local extension data from your browser and may request deletion of synced data via your account settings or by contacting us.

12) Contact

Questions about privacy? Please contact us using the method provided on our site.