Privacy

Last updated: April 2026

sum.md does not sell, share, or monetize your data. This policy explains exactly what we collect, how it is used, and how you control it.

Data We Process

We collect only what is necessary to operate the service:

We do not track your browsing activity beyond pages you actively choose to save.

Your Content

Entries are stored in an isolated per-account workspace and are never visible to other users. AI-generated summaries and embeddings are derived from your content and stored alongside it — they exist solely to power search and context retrieval within your account.

Extension Behavior

The browser extension stores your API key in local browser storage. When you save a page, it transmits only the URL, title, and extracted content to sum.md over HTTPS. No data is collected passively; the extension takes action only when you explicitly trigger a save.

Sessions & Credentials

Authentication sessions are managed via secure HTTP-only cookies. API keys and OAuth tokens are displayed once on creation and not stored in recoverable form. You can revoke any credential from the Settings page at any time; revocation takes effect immediately.

AI Pipeline

Content you save is processed server-side by third-party AI models to generate summaries, tags, and embeddings. Your content is not used to train external models, and processing occurs only within the sum.md infrastructure boundary.

Infrastructure Partners

Each provider processes data only as needed to deliver sum.md functionality. We do not grant partners access beyond what is required for their role.

Data Controls