Privacy Policy

Last updated: March 2026

Daysift was built with privacy as a core principle, not an afterthought.

Your data stays on your device

Daysift runs entirely on your computer. There are no accounts, no cloud sync, and no servers storing your data.

What's stored locally:

Page titles and URLs from your work apps
Notes and pins you create
Your settings and preferences

What leaves your device (only when you choose):

AI classification: Anonymised metadata (hostname, path pattern) sent to Cloudflare Workers AI
AI search: When you ask Daysift AI a question, your query is processed by Groq with Zero Data Retention
Favicons: Domain names sent to Google to display site icons
Daysift subscription: If you upgrade to a paid plan, payment is processed by Lemon Squeezy

Regular search with ⌘J runs entirely on your device. No network requests, no data sent anywhere.

What Daysift Indexes

Daysift uses a predefined allowlist of work apps — it only indexes pages from productivity tools, not your entire browsing history. This includes tools like:

Google Docs, Sheets, Slides, Drive
Notion, Figma, Linear, Jira
GitHub, GitLab, Confluence
Slack, Asana, and similar productivity tools

What's NOT indexed: Personal browsing, social media, banking, shopping, email content, and any sites not on the work app list. You can customize this list in settings if needed.

Why Chrome Shows Permission Warnings

When you install Daysift, Chrome shows a warning that the extension can "read your browsing history." Here's what that actually means for Daysift:

What the permission allows

Read page titles and URLs from your allowlisted work apps
Store this data locally inside your browser so you can search it later

What Daysift does NOT do

Access passwords or autofill data
Read form inputs
Track sites outside the predefined work app list
Send your history to any server
Run in the background when you're not using it

Note on page content: Daysift extracts keywords from work app pages to improve local search. This data stays on your device and is never sent anywhere. When you use AI search, only page titles are shared — not the extracted content.

The broad Chrome permission warning exists because Chrome doesn't distinguish between extensions that send data to servers and ones like Daysift that keep everything local. We need this permission to provide search functionality, but we've designed Daysift to be as privacy-respecting as possible.

What's Stored on Your Device

Data stored on your device never leaves your computer. Only you can access it — we cannot see, retrieve, or analyse it.

Data	Where	Why
Page titles, URLs & keywords from work apps	Your browser's local storage	So you can search your work history
Notes you write	Your browser's local storage	So your notes persist between sessions
Pinned items	Your browser's local storage	Quick access to frequent pages
Your settings	Your browser's local storage	Remember your preferences

When Data Leaves Your Device

Feature	What's sent	Where	Your control
Regular search (⌘J)	Nothing	Runs locally	100% offline
AI classification	Anonymised metadata only (hostname, path pattern, title category)	Cloudflare Workers AI	Automatic for new pages (no full URLs or titles sent)
AI search (Ask AI button)	Your query + relevant page titles	Groq (Zero Data Retention)	Only when you click "Ask AI"
AI writing tools (in notes)	Your selected text	Groq (Zero Data Retention)	Only when you click improve/shorten/etc.
Favicons	Domain names only (e.g., "notion.so")	Google	Can be disabled
Payment	Card details (we never see these)	Lemon Squeezy	Only when you upgrade

The key difference: Regular search with ⌘J never touches the network. AI search (via the "Ask AI" button) sends your query to Groq with Zero Data Retention. You're always in control of which one you use.

About AI Data Processing

Daysift uses a privacy-preserving AI architecture with two providers, chosen specifically for their data handling practices.

Why not OpenAI or Anthropic?

We evaluated multiple AI providers and rejected those with data retention policies:

OpenAI: Retains API data for up to 30 days
Anthropic (Claude): Retains API data for up to 30 days (7 days with opt-out)
Groq: Zero Data Retention — nothing logged or stored

We chose Groq because "less retention" wasn't good enough. We wanted zero.

What is Groq?

Groq is an AI inference company (not to be confused with Elon Musk's "Grok" chatbot from xAI). Groq provides fast AI inference with a Zero Data Retention policy — your queries are processed and immediately discarded, never logged or stored. See Groq's Privacy Policy.

Two-tier architecture

Daysift uses two AI services for different purposes:

1. Classification (Cloudflare Workers AI)

When Daysift encounters a new page, it may use AI to classify whether it's a work tool. This runs on Cloudflare Workers AI (Llama 3.3 70B) and receives only:

Hostname (e.g., "github.com")
Generalised path pattern (e.g., "/*/*/issues/*" — not the actual URL)
Title category (e.g., "code" — not the actual title)

Never sent: Full URLs, actual page titles, page content, or any identifying information.

2. Search & Summarisation (Groq)

When you use "Ask AI", your query is processed by Groq (GPT-OSS 120B model). This includes:

Your question (the text you type)
Relevant page titles from your local search results
Domain names of those pages

Never sent: Page content, your notes, your pins, or browsing history beyond relevant results.

Zero Data Retention

Groq's Zero Data Retention means:

Your queries are not logged
Your queries are not stored
Your queries are not used for training
Data exists only for the duration of processing, then vanishes

We have explicitly enabled Zero Data Retention in our Groq account settings. See Groq's Privacy Policy for details.

Your consent and withdrawal

First use: When you first use AI search, you'll be asked to consent. AI features won't work until you accept.

Withdrawal: You can revoke your consent at any time in the extension's Settings → AI Search. After revoking, you'll need to consent again to use AI features.

After uninstall: If you uninstall Daysift, your local data is deleted immediately. With Groq's Zero Data Retention, there's nothing retained on their end either.

What We DON'T Collect

No accounts or login
No email addresses (unless you contact us)
No analytics or tracking
No passwords or form data
No cloud storage of your data
No data leaves your device (except AI queries processed with Zero Data Retention when you explicitly use AI search)

Your Control

See your data: It's on your device — open browser dev tools
Delete everything: Uninstall the extension
AI queries: Not stored by us or Groq (Zero Data Retention)

Third-Party Services (Data Processors)

When you use certain features, your data may be processed by these third-party services:

Service	Role	What they receive	Their policy
Cloudflare Workers AI	Processor (classification)	Anonymised metadata only (hostname, path pattern, title category)	cloudflare.com/privacy
Cloudflare Workers	Processor (proxy)	AI queries routed to Groq, IP address, request metadata	cloudflare.com/privacy
Groq	Processor (Zero Data Retention)	AI queries + relevant page titles — not logged or stored	groq.com/privacy-policy
Google Favicon API	Processor	Domain names only	google.com/privacy
Lemon Squeezy	Controller (payments)	Payment details, email	lemonsqueezy.com/privacy

We have Data Processing Agreements (DPAs) in place with our processors. Cloudflare's DPA is incorporated by reference in their Customer DPA. Groq's terms are available at groq.com/terms-of-use.

Note: Groq is an AI inference company, not to be confused with "Grok" (xAI's chatbot).

Security

Your data lives in your browser's local storage. We can't access it. External transmissions (AI queries) use HTTPS encryption.

GDPR & Data Protection

For users in the UK and EU, here's how data protection roles work with Daysift:

Local data (most of Daysift)

Since Daysift stores your data locally on your device and we cannot access it, traditional data controller/processor roles don't apply to this data. You control your own data.

When you use AI features

When you use "Ask AI," your query is processed by Groq with Zero Data Retention. In this case:

Daysift acts as a data controller (we decide to use Groq and Cloudflare for AI features)
Cloudflare acts as a data processor for classification (anonymised metadata only)
Groq acts as a data processor for search/summarisation (Zero Data Retention — nothing stored)

Groq processes data in accordance with their Privacy Policy and Terms of Use.

When you make a payment

Payment processing is handled by Lemon Squeezy, who acts as an independent data controller for payment data. See their Privacy Policy.

International data transfers

When you use AI features, your data may be transferred outside the UK/EU:

Cloudflare: May process data in various locations globally. Covered by their DPA which includes Standard Contractual Clauses (SCCs) and UK International Data Transfer Agreement (IDTA).
Groq: Processes data in the United States with Zero Data Retention — data is processed ephemerally and never stored. See Groq's Privacy Policy.

These transfer mechanisms ensure your data receives adequate protection when processed outside the UK/EU, as required by data protection law. With Groq's Zero Data Retention, data exists only for the duration of processing.

Your rights

Under UK GDPR and EU GDPR, you have the right to:

Access: Your local data is already accessible to you in your browser
Deletion: Uninstall the extension to delete all local data
Portability: Your data is stored in your browser and can be exported via developer tools
Object: Don't use AI features if you don't want data processed by Groq
Withdraw consent: Revoke AI consent anytime in Settings → AI Search

For questions about data protection, email hello@daysift.com.

Changes

We'll update this page if anything changes. Major changes will be noted in the extension update notes.

Contact

Questions? Email us at hello@daysift.com