Privacy

keepthis.site is a personal bookmark manager. The whole product is designed to keep your reading list on your machine and out of any database we control. This page spells out exactly what data each piece of it touches.

The desktop app

The Mac app stores every pin in a local SQLite database under ~/Library/Application Support/kts.app/. It does not report telemetry, does not phone home for crash reports, and does not embed any third-party analytics or advertising SDK.

To capture page previews it spawns a headless Chromium that you either downloaded yourself from Settings or already had installed. That Chromium fetches each saved URL once — direct from the origin, with the same User-Agent string a normal browser would send. No image proxy or scraping service is involved.

The browser extension

The extension's only job is "save the current tab". When you click the toolbar button or pick the entry from a context menu, the extension reads:

• the URL of the active tab,
• its document title,
• any text you type into the popup (tags, a comment).

It then POSTs that JSON to http://127.0.0.1:43215/, which is the local HTTP endpoint the desktop app exposes only on loopback. The bytes never leave your machine. The extension does not read tab content, does not run on any page (no content scripts), and the manifest's only host permission is the localhost endpoint above.

Sync (optional)

If you turn on sync, the desktop app encrypts every event with a passphrase that lives only on your device, and uploads the ciphertext to a sync server you can either run yourself or use ours at https://keepthis.site. The server stores opaque bytes; we cannot read a single pin. If you lose the passphrase, the data is unrecoverable — by design.

Sign-up data on the sync server

Creating an account on the hosted sync server records your email address and an Argon2 password hash. The email is used to let you sign in from a second device and to send password-reset links if you ask for one. It is never sold, shared, or used for any marketing. There is no marketing.

Cookies, tracking, analytics

None. Neither this website, the extension, nor the desktop app sets cookies for analytics, runs first- or third- party tracking, or sends pings to ad networks. The only HTTP requests this site makes from your browser are for the page you asked for, the favicons, and Google Fonts (Geist / Geist Mono).

Data deletion

Local pins: delete the database file (or use Settings → "delete account" if you signed up for sync).

Sync account: Settings → "delete account" wipes your row and every event row that belongs to it on the server. The action is irreversible and takes effect immediately.

Contact

Questions, concerns, takedown requests — write to hi@keepthis.site.

last updated

2026-06-07

jurisdiction

Spain (GDPR applies)

data controller

José Galisteo