The short version
- ✓ No account. No cloud. No tracking.
- ✓ Your workspaces, tabs, notes, and history are stored locally on your device only.
- ✓ We never collect browsing history, tab titles, URLs, page content, or workspace names.
- ✓ Network requests only happen when you explicitly trigger a feature that needs them.
- ✓ Crash reports are opt-in. Email updates are opt-in. Nothing is automatic.
What stays on your device
All of the following is stored exclusively in Chrome's local extension storage and never transmitted anywhere:
- Your workspaces — names, colors, icons, and tab lists
- Your browsing history within Duotang (used for Find & Switch search)
- Clippings and Pad notes
- Closed-tab history
- All settings and preferences
- Download records
- Search history within Find & Switch
What leaves your device — and when
Network requests only happen when you actively use a feature that requires one. Nothing is sent in the background. Each request type is described below.
Highlights (text enrichments)
When you select text on a page and Duotang recognizes it as a supported pattern, clicking the enrichment pill may fetch data from a third-party API to show you a result. The request is triggered by your action and contains only the selected text (e.g. a currency amount, scripture reference, IP address, or CVE ID). No page URL, tab title, or other context is sent.
Each of these can be individually disabled in Settings → Highlights. A single master switch turns off all network-using Highlights at once. Paranoid Mode (Settings → Privacy) blocks all outbound requests regardless of feature settings.
Peek (in-page link preview)
When you Alt+click a link to Peek it, Duotang fetches the content of that URL to display it in an overlay. The request goes to the URL of the link you clicked — the same request your browser would make if you navigated there normally. No additional metadata is sent.
Maps
When you highlight an address and open it in the Workbench Maps tab, the address is sent to Google Maps to display an embedded map. This is subject to Google's privacy policy.
Crash reports (opt-in)
If you enable crash reports during setup or in Settings, Duotang will send anonymous error reports to our bug-tracking endpoint (duotang-bugs.duotang.workers.dev) when something goes wrong. Each report contains:
- The error category (e.g. "content-script-inject-fail")
- The hostname of the page where it occurred (e.g. "notion.so") — never the full URL
- Extension version and browser user agent
- Non-identifying diagnostic state (workspace count, tab count, uptime)
Reports never include: URLs, tab titles, page content, workspace names, or any personal information. There are no user IDs, install IDs, device fingerprints, or pseudonymous identifiers of any kind — each report is fully anonymous with no way to link it to a specific user or installation. Crash reporting is off by default and can be turned off at any time in Settings.
Email updates (opt-in)
During setup, you can optionally enter your email address to receive updates about Duotang. If you do, your email is stored by our mailing list provider. We will never sell or share it. You can unsubscribe at any time.
Analytics and tracking
None. Duotang has no analytics, no usage tracking, no A/B testing, and no advertising. We do not know how many people use the extension, which features they use, or how long they use it.
Children's privacy
Duotang is not directed at children under 13 and does not knowingly collect information from them.
Changes to this policy
If we make material changes to what data leaves your device, we'll update this page and note the date at the top. We won't change the fundamental local-first nature of the product.
Contact
Questions about this policy: human@duotang.co