This policy applies to the Shelf browser extension and web application ("Shelf", "we", "our"). By using Shelf, you agree to this policy.
Shelf is a personal media bookmarking tool. All data you create in Shelf is stored locally on your device. We do not operate servers that store your personal data, and we do not sell, rent, or share your data with third parties for advertising or commercial purposes.
The table below describes every category of data that Shelf accesses, where it is stored, and how it is used.
| Data type | What it includes | Where stored | Purpose | Shared? |
|---|---|---|---|---|
| Shelf items | URLs, titles, notes, tags, thumbnails, type, date saved | Local device only | Core functionality — your personal library | Never |
| Profile information | Display name, @handle, avatar emoji (optional) | Local device only chrome.storage.sync |
Personalisation; synced across your own devices via Chrome | Never |
| Friends list | Friend names, handles, colours (user-defined nicknames only) | Local device only | Organising shared shelves and collab stacks | Never |
| Open tab titles and URLs | Titles and URLs of your open browser tabs | Memory only — never persisted | Displayed in the Tabs panel so you can save tabs to your shelf. Read only when you open the panel. | Never |
| Current page metadata | Title, URL, OG image of the active tab | Memory only — never persisted | Pre-fills the save form when you right-click or use the popup. Only read on explicit user action. | Never |
| AI auto-tagging input | URL and page title of items you save | Sent to Anthropic API | Suggests content type and tags using Claude. See section 4. | Anthropic only |
| Platform import data | Your Goodreads username, Letterboxd username, or Spotify playlist URL | Sent to Anthropic API | Used to fetch and parse your public profile/playlist. See section 4. | Anthropic only |
| Theme preference | Light or dark mode setting | Local device only | Remembers your display preference | Never |
The majority of your data — shelf items, friends, shelves, collab stacks, custom types — is stored using chrome.storage.local (in the browser extension) or localStorage (in the web app). This data exists only on your device and is never transmitted to any server operated by Shelf.
Your profile name and handle may be stored in chrome.storage.sync, which allows them to persist across devices where you are signed in to Chrome. This data is transmitted through Google's infrastructure subject to Google's privacy policy. You can disable this by not creating a profile.
Your data is retained until you delete it. You can clear all data at any time using the Clear All option in the app sidebar. Uninstalling the extension removes all locally stored data.
When you use the AI auto-tagging feature or import content from Goodreads, Letterboxd, or Spotify, Shelf sends the relevant URL or page title to the Anthropic API. This data is used solely to generate suggestions and is subject to Anthropic's privacy policy. No personal profile data, shelf contents, or browsing history is sent to Anthropic.
Shelf loads typography from Google Fonts (Google's privacy policy). This results in a network request to Google's servers when the app loads.
Icon assets are loaded from unpkg.com, a public CDN. No personal data is sent in this request.
When displaying saved items, Shelf may request favicons from Google's favicon service (google.com/s2/favicons) using only the domain name of saved URLs. No personal data is transmitted.
Company logos may be fetched from Clearbit's public logo API using domain names only. No personal data is transmitted.
Shelf does not sell, rent, trade, or share your personal data with any third party for commercial or advertising purposes. The only external data transmissions are those described in section 4 above, all of which are initiated by you and limited to the minimum data necessary for the feature to function.
Shared shelf pages: When you choose to share a shelf as a link or exported HTML page, the recipient can see the items you included. You have full control over what is shared. Shelf does not host these pages.
The following permissions are requested by the Shelf browser extension and the reason each is needed:
Shelf is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided personal information through Shelf, please contact us and we will take steps to remove it.
Since all your data is stored locally on your device, you have full control over it at all times:
For data held by third-party services (Anthropic, Google), please refer to their respective privacy policies linked in section 4.
Because your data is stored locally and not transmitted to Shelf servers, the security of your data depends primarily on the security of your device and browser. We do not implement additional server-side security measures because we do not hold your data on servers.
We may update this policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of Shelf after changes constitutes acceptance of the updated policy. For significant changes we will make reasonable efforts to notify users.
If you have questions or concerns about this privacy policy or how Shelf handles data, please contact us: