Privacy Policy

1. The short version

Stashr is a tool for saving and organizing the things you find online. Your library is yours. Here is the whole policy in a few lines:

• We collect the information you give us (your account details), the content you choose to save, and a small amount of technical data needed to run the service securely.
• We use AI to tag your saves and power natural-language search. We do not let our AI providers train their general-purpose models on your content.
• We do not run advertising trackers, we do not sell your data, and we do not build profiles of you to sell to anyone.
• The browser extension only runs on the sites it supports, and only captures the items you explicitly choose to save. It does not read your general browsing history.
• You can export, correct, or delete your data at any time, and you can delete your whole account from settings.

The sections below explain each point in detail. If anything is unclear, email us at privacy@stashr.me.

2. Who we are and what this covers

Stashr is operated by Deckard Gerritsen, a sole trader based in Australia, trading as "Stashr" ("Stashr", "we", "us", or "our"). For the purposes of Australian privacy law, we are the entity responsible for the personal information described in this policy.

This Privacy Policy applies to:

• the Stashr website and marketing pages;
• the Stashr web application where you manage your library;
• the Stashr browser extension; and
• any related emails and support we provide.

We handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Because Stashr is available internationally, we also honor the rights described in the Your rights section for users in the European Economic Area, the United Kingdom, and California, even where those laws may not strictly apply to us.

By using Stashr you agree to this policy. It works alongside our Terms of Service.

3. Information we collect

Account and identity information

When you create an account we collect your name and email address. If you sign in with Google, we receive your name, email, and profile picture from Google, along with the authorization tokens needed to keep you signed in. We also store whether your email has been verified and an optional profile image.

Authentication and security data

To keep your account secure we store session records, including a session token, your IP address, and your browser's user-agent string, as well as short-lived one-time codes used to verify sign-in. Passwords (where used) are hashed by our authentication system and are never stored in plain text.

Subscription and billing information

Payments are handled by our payment processor, Polar. We do not see or store your full card number or bank details. We store the information needed to manage your plan: your subscription status, plan, billing period end date, your trial end date, and the identifiers that link your Stashr account to your Polar customer record.

The content you save ("Your Library")

This is the core of what Stashr stores for you. When you save an item, we collect and store:

• the source URL, title, and the full text or body of the post, article, or page you saved;
• media associated with the item, such as images, video thumbnails, and GIFs, which we may store on our own storage so your library stays intact even if the original disappears;
• platform metadata about the item, such as the platform it came from, its identifier on that platform, timestamps, and platform-specific details (for example a subreddit name or music track);
• information about the original author and other people that appears in what you saved, such as a handle, display name, profile link, and avatar; and
• the tags, collections, and notes you create, plus the method and time the item was captured.

Because Stashr saves real content from the open internet, your library may contain personal information about people other than you. See Information about other people in your library for how we handle that.

Information generated by AI processing

To make your library searchable, we generate additional data from your saves: suggested tags and labels, short captions for images, and numeric "embeddings" (vector representations of your content) that power natural-language search. See AI processing of your content.

Search and usage data

When you search your library we log the query, the filters you applied, how many results came back, and how long the search took. We use this to keep search fast and to improve result quality. We do not use it for advertising.

Communications and feedback

If you email us, join a waitlist, or send feedback (including feedback when you uninstall the extension), we keep that message and your contact details so we can respond and improve the product.

Information we do not collect

To be explicit, Stashr does not:

• run third-party advertising or analytics trackers;
• sell or rent your personal information to anyone;
• collect your card or bank account numbers (Polar handles that);
• intentionally collect sensitive information such as health, biometric, or government-identifier data; or
• track your browsing across the web or on sites you have not asked Stashr to save from.

4. How the browser extension works

The Stashr browser extension is what lets you save content directly from the platforms you use. We want to be precise about what it does, because an extension that can read web pages deserves a clear explanation.

It only runs on the sites it supports. The extension is granted access to a fixed set of sites, currently X (Twitter), Reddit, Instagram, and TikTok, plus the media servers those platforms use to host images and video. It does not run on, read, or have access to any other website you visit.

It only captures what you save. On those supported sites, the extension observes the data the platform's own app already loads so it can capture the items you choose to save (and, when you ask it to, import items you have already saved on that platform). It is not a general browsing-history logger and does not send us a record of the pages you look at.

To do this reliably, the extension requests permissions to store your save queue locally, manage your Stashr sign-in, and open or read the supported platform tabs. It does not inject advertising or tracking code into the pages you visit.

5. How we use your information

We use the information described above to:

• provide the service: save, store, sync, organize, and search your library across your devices;
• generate AI tags, captions, and search embeddings for your saved content;
• create and manage your account, trial, and subscription;
• keep Stashr secure, prevent abuse, and debug problems with capturing content;
• respond to your support requests and feedback;
• send you essential service emails, such as sign-in codes and billing notices; and
• comply with our legal obligations and enforce our Terms of Service.

For users in the EEA and UK, our legal bases are: performing our contract with you (providing the service), our legitimate interests (keeping Stashr secure and improving it), your consent (where we ask for it), and compliance with legal obligations.

6. AI processing of your content

Stashr uses artificial intelligence to make your library useful: to suggest tags, to describe images, and to power natural-language search. To do this, content you have saved is sent to our AI provider for processing.

What we send:

• for tagging, the title and body text of a saved item (truncated for long items), any images in it, and your existing tags so suggestions stay consistent with your own labels;
• for search, the text of your saved items is converted into embeddings so we can match the meaning of your query, not just keywords.

AI processing only ever applies to content you chose to save. We do not feed your private library to AI for any purpose other than providing these features to you.

No training on your content. Our AI provider processes your content through their business API, under terms that do not permit your content to be used to train their general-purpose models. We do not sell your content and we do not use it to train models for other customers.

AI features are automated and can be imperfect. Suggested tags and captions may occasionally be wrong; you remain in control of your tags and can edit or remove them at any time.

7. How we share information and our sub-processors

We do not sell your personal information. Our default is not to access your library at all. We share information only in these situations:

• With service providers (sub-processors) who help us run Stashr, listed below. Each is bound to use the data only to provide their service to us.
• To comply with the law or a valid legal request, or to protect the rights, safety, and property of Stashr, our users, or the public.
• In a business transfer, such as a merger, acquisition, or sale of assets, in which case your information may be among the transferred assets. We will tell you if this changes who controls your data.

The third parties that process data on our behalf are:

We may update this list as our service evolves. Material changes to our sub-processors will be reflected here with an updated date.

8. Information about other people in your library

When you save a post, it often contains personal information about someone other than you: the author's name, handle, profile picture, and whatever they wrote or posted. You decide what to save, and we store and process that content to provide your private library to you.

Your library is private to you. We do not make it public, and we do not use the people in your saves to build advertising profiles or share their information with anyone.

If you are not a Stashr user but believe your personal information may be stored inside someone's Stashr library and you would like it addressed, email us at privacy@stashr.me and we will respond in line with applicable law.

9. Cookies and similar technologies

Stashr uses the minimum storage needed to work. Specifically:

• a session cookie that keeps you signed in (strictly necessary);
• local storage in your browser for preferences such as your light or dark theme; and
• extension storage that holds your pending saves and sign-in state.

We do not use advertising cookies, cross-site tracking pixels, or third-party analytics cookies. Because we only use strictly necessary storage, Stashr does not need a tracking-consent banner.

10. International data transfers

Stashr is operated from Australia. Some of our sub-processors (for example our AI and email providers) may store or process data on servers in the United States or other countries. Whenever data is transferred overseas, we take reasonable steps to ensure it is handled consistently with this policy and with applicable law.

For users in the EEA and UK, where we transfer personal data outside your region we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses, with the providers concerned.

11. How long we keep your data

We keep your account information and library for as long as your account is active. After that:

• when you archive or delete a saved item, it is removed from your active library and permanently purged shortly afterwards;
• when you delete your account, we delete your library and personal information and ask our payment processor to remove your customer record;
• search and error logs that help us run and improve the service are kept for a limited period; and
• because of the way backups and system logs work, residual copies of deleted data may persist for a short time in backups before they are overwritten.

12. How we protect your data

We protect your information using industry-standard measures, including encryption in transit (HTTPS/TLS), hashed credentials, and access controls that limit who can reach your data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work to protect your information and to address issues promptly. To report a security concern, email security@stashr.me.

13. Your rights and choices

You can exercise the following at any time:

• Access and correction: view and update your account details, tags, and saves directly in the app.
• Deletion: delete individual saves, or delete your entire account and library, from your account settings.
• Portability: request a copy of your data in a machine-readable format by emailing us.

Under the Australian Privacy Principles you have the right to access and correct the personal information we hold about you. If you are in the EEA or UK, you also have rights to erasure, restriction, objection, and portability, and to withdraw consent. If you are a California resident, you have the right to know what we collect, to request deletion, and to opt out of the "sale" of personal information (note that we do not sell personal information).

To make a request, email privacy@stashr.me. If you are in Australia and are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC). Users in the EEA or UK may also lodge a complaint with their local data protection authority.

14. Children's privacy

Stashr is not directed at children. You must be at least 16 years old to use Stashr. We do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, contact us at privacy@stashr.me and we will delete it.

15. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page, and for material changes we will provide a more prominent notice (for example by email or in the app). Your continued use of Stashr after an update means you accept the revised policy.

16. Contact us

For any privacy question or request, or to reach the person responsible for Stashr's data practices, contact us:

• Privacy and data requests: privacy@stashr.me
• Security reports: security@stashr.me
• General support: support@stashr.me

Stashr is operated by Deckard Gerritsen (sole trader), Australia. A postal address is available on request.