Privacy Policy

Last Updated: December 29, 2024

Overview

Tavlo ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our web application and browser extension.

Information We Collect

1. Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Authentication credentials (managed by Clerk)

2. Saved Content

When you save links, we store:

  • URLs you save
  • Optional notes you add
  • Metadata extracted from saved links (title, description, images)
  • Platform information (Twitter, Reddit, etc.)
  • Timestamps

3. Browser Extension Data

Our Chrome extension accesses:

  • Active Tab URL: To save the current page you're viewing
  • Authentication Token: Stored locally in Chrome sync storage to keep you logged in
  • Page Metadata: To extract titles and platform information

4. Usage Data

We automatically collect:

  • IP address (for rate limiting and security)
  • Browser type and version
  • Usage patterns (features used, frequency)
  • Error logs (for debugging)

How We Use Your Information

We use your information to:

  • Provide and maintain the Tavlo service
  • Save and organize your content
  • Extract metadata from saved links
  • Track reading habits and generate statistics
  • Award achievement badges
  • Prevent abuse and enforce rate limits
  • Improve our service and fix bugs
  • Communicate important updates

Data Storage and Security

Encryption

All data is transmitted over HTTPS and stored securely using industry-standard encryption.

Authentication

We use Clerk for authentication, which provides enterprise-grade security and compliance (SOC 2 Type II, GDPR, CCPA).

Data Retention

We retain your data as long as your account is active. You can delete your account and all associated data at any time.

Browser Extension Permissions

Our Chrome extension requests the following permissions:

activeTab

Why we need it: To read the URL and title of the page you want to save.

What we access: Only the current tab's URL and metadata when you click "Save to Tavlo".

contextMenus

Why we need it: To add "Save to Tavlo" to your right-click menu.

storage

Why we need it: To store your authentication token locally so you stay logged in.

What we store: Only your session token (encrypted by Chrome).

scripting

Why we need it: To extract accurate URLs from Single Page Applications (Twitter, TikTok, etc.).

notifications

Why we need it: To notify you when links are saved successfully or if errors occur.

Third-Party Services

We use the following services:

  • Clerk: Authentication and user management
  • Vercel: Hosting and infrastructure
  • Upstash: Redis caching and rate limiting

These services have their own privacy policies and handle data according to industry standards.

Data Sharing

We do NOT sell your data.

We may share your information only in these cases:

  • With your explicit consent
  • To comply with legal obligations (court orders, subpoenas)
  • To protect our rights and prevent fraud
  • With service providers who help operate our service (under strict confidentiality agreements)

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and all data
  • Export your saved links
  • Opt out of non-essential emails
  • Withdraw consent at any time

Children's Privacy

Tavlo is not intended for users under 13 years of age. We do not knowingly collect information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us: