Privacy Policy

StayLogged is a browser extension and related service for encrypted browser cookie backup, restore, and sync. This policy explains what data the product processes, what data leaves the browser, and what control you keep over that data.

Scope

This policy applies to the StayLogged website, the StayLogged browser extension, and the backend services used to support account authentication, encrypted backup storage, and encrypted sync delivery.

What the Extension Does

After you grant the required optional permissions, the extension can read browser cookies from the browser profile you choose, write cookies back during restore, and monitor cookie changes for sync rules that you configure.

StayLogged is designed for backup, restore, and synchronization of browser login state. It is not designed to collect browsing history as a separate product feature.

Permissions and Why They Are Needed

• The extension requests the optional cookies permission so it can read, write, remove, back up, restore, and sync browser cookies.
• The extension requests the optional <all_urls> host permission because browser cookies are scoped to site domains and paths. Broad host access is required for cookie operations across the domains you choose to manage.
• If you do not grant these optional permissions, the extension cannot perform its core backup, restore, or sync features.

Data Processed Locally on Your Device

• Browser cookies selected by your backup or sync actions.
• Local encryption keys and key material used to protect backup and sync payloads.
• Local repository data used to manage device state, sync rules, runtime status, mutation queues, and diagnostics.
• Session state required to keep the extension signed in and to authorize background sync.

Data Transmitted to StayLogged Services

• Encrypted cookie backup payloads.
• Encrypted sync mutation payloads and encrypted sync connection material.
• Account and authentication information needed to register, sign in, refresh sessions, manage devices, and authorize access to the service.
• Service-operational metadata such as account identifiers, session identifiers, device identifiers, cloud store identifiers, and timestamps associated with sync and account actions.
• Security and audit records needed to support account security, device management, and sync event review.

What StayLogged Does Not Use as a Product Feature

• StayLogged does not use plaintext passwords as a stored product output.
• StayLogged does not offer browsing history collection as a separate analytics or advertising feature.
• StayLogged does not sell personal data or encrypted cookie payloads to advertisers or data brokers.
• StayLogged is designed so that encrypted cookie payloads are not readable on the server without device-held keys.

Encryption Model

StayLogged is designed so that cookie backup and sync payloads are encrypted on your device before they are sent to backend services. The service stores encrypted payloads and delivers encrypted sync data between authorized devices.

Decryption requires keys held on the user's device. This is why we describe the system as end-to-end encrypted for cookie payloads. Account metadata, service identifiers, and operational records still need to be processed by the service to operate the product.

Account, Device, and Support Data

StayLogged operates as an account-based service. To provide login, device registration, session refresh, cloud slot management, and account security features, the service processes account registration information, account identifiers, device identifiers, session identifiers, and related security records.

If you contact support, any information you send to the support channel, such as screenshots or troubleshooting details, may be processed to answer your request.

How Data Is Used

• To authenticate accounts and devices.
• To create, store, and deliver encrypted browser cookie backups.
• To run encrypted sync sessions between authorized browsers.
• To display device, account, and security information inside the extension.
• To prevent abuse, investigate operational issues, and maintain service integrity.

Data Retention

StayLogged retains data for as long as reasonably necessary to operate the service, maintain account security, enforce service rules, resolve disputes, and comply with legal obligations. Different categories of data may be retained for different periods depending on their operational purpose.

When a user removes stored backups, disables sync, revokes devices, or requests account deletion, related records are deleted, disabled, or disassociated according to the product's available controls and operational requirements.

Your Controls

• You choose whether to grant the extension's optional cookie and host permissions.
• You choose which domains are included in backups and sync rules.
• You can disable sync rules, revoke devices, and remove stored backup or slot data where those controls are available.
• You can request account deletion using the instructions on the account deletion page.

Third-Party Infrastructure

StayLogged may rely on third-party infrastructure providers for hosting, networking, storage, security, and related service delivery. Those providers may process limited operational data as part of providing infrastructure services to StayLogged.

Children

StayLogged is not directed to children and is intended for users who can lawfully manage their own accounts, browser sessions, and related online activity.

Policy Changes

This policy may be updated as the product, legal requirements, or service operations change. Material changes will be reflected on this page by updating the published content and the last updated date.

Contact

For privacy questions, support requests, or account deletion requests, contact support@staylogged.com. Project and issue tracking are also available on GitHub.