Privacy Policy

Klickbrain is local-first. The browser extension and the desktop app run on your machine. We do not collect analytics, we do not use third-party trackers, and we do not transmit the pages you visit or the content you record to our servers. The only data that ever leaves your machine is what you explicitly send — for example, the text of a step that you choose to resolve via your own AI provider, or, if you opt in to Pro sync, your saved skills synced to your own account.

The Klickbrain Recorder extension reads page content only while you are actively recording or replaying a skill. When recording, it observes click, input, and form-submit events and captures resilient selectors (id, ARIA role, accessible name, nearby text) so the action can be replayed later. When idle, the extension does not read or transmit page content.

The extension communicates exclusively with the Klickbrain desktop app over a loopback WebSocket on http://127.0.0.1:8731. It does not talk to any external host.

• Recorded skills are stored in a local SQLite database in the desktop app's user-data directory on your machine.
• API keys (e.g. your Anthropic key, used only if you enable AI fallback for replay) are stored encrypted via the operating system keychain — DPAPI on Windows, Keychain on macOS, and libsecret on Linux — through Electron's safeStorage.
• Cross-machine sync is opt-in and only available on Klickbrain Pro. If enabled, your skills are encrypted and synced to your Klickbrain account so they appear on your other devices. You can disable sync at any time from the desktop app.

• No analytics, telemetry, or usage tracking.
• No third-party trackers or advertising SDKs.
• No collection of pages you visit, browsing history, or page content while you are not recording.
• No collection of API keys or secrets — they live only on your device.

If a recorded selector fails during replay, the desktop app can optionally call your configured AI provider (e.g. Anthropic) to resolve the step. This call is initiated by your machine using your API key. The relevant DOM context for that single step is sent to your provider. Klickbrain does not see, log, or proxy these requests. AI fallback is on by default but can be disabled in settings.

• storage — saves recording session state across the popup open/close cycle.
• tabs — knows which tab is active to send recorded events to the right page during replay.
• alarms — periodic reconnect to the local desktop bridge.
• host_permissions: 127.0.0.1:8731 — communicates with the local Klickbrain desktop app over WebSocket on a fixed loopback port. No external hosts.
• content scripts on all URLs — records and replays user actions on whatever page you open. The content scripts only act when you press Record or Replay; the extension is opt-in per session.

Local data persists until you delete it from within the desktop app or uninstall Klickbrain. If you opt in to cross-machine sync, deleting a skill on one device deletes it from your account. Account deletion removes all synced data within 30 days.

Klickbrain is not directed at children under 13 and we do not knowingly collect personal information from children.

If we make material changes to how Klickbrain handles data, we will update this page and bump the date at the top. Continued use after a change constitutes acceptance.

Questions or concerns? team@klickbrain.com