CopyFlow Privacy Policy
Last updated: March 2, 2026
The short version: CopyFlow stores your clipboard history locally on your device. We do not collect, transmit, or sell any of your data. We have no servers. We have no analytics. We don't even have accounts.
What data CopyFlow stores
CopyFlow saves the text and images you copy to your clipboard. Each saved clip includes:
- The copied text or image content
- A timestamp of when it was copied
- The title and URL of the page you copied from (for your reference only)
- Whether you pinned or edited the clip
- Folder assignment (if you organize clips into folders)
All of this data is stored locally in your browser using Chrome's built-in storage API (chrome.storage.local). It never leaves your device.
Optional encryption
CopyFlow includes an optional password-based encryption feature. When enabled:
- All clipboard entries are encrypted on your device using AES-256-GCM before being saved to storage.
- The encryption key is derived from your password using PBKDF2-SHA256 (600,000 iterations). Your password is never stored.
- The derived key is kept in
chrome.storage.session while the browser is open, and cleared automatically when the browser closes.
- Without your password, the encrypted data cannot be read — not even by CopyFlow developers (we have no servers or access to your device).
Encryption is entirely optional. If you don't set a password, your clips are stored in plaintext locally, exactly as in v0.1.0.
What data CopyFlow does NOT collect
- No browsing history
- No personal information (name, email, etc.)
- No analytics or usage tracking
- No cookies or fingerprinting
- No data is sent to any server, anywhere
Permissions explained
CopyFlow requests only the permissions it needs to function:
- clipboardRead / clipboardWrite — Read your clipboard to save history, and write to it when you click a clip to copy it.
- storage / unlimitedStorage — Save your clipboard history locally in your browser, with enough space for large image histories.
- offscreen — Chrome requires this to access the clipboard from a background process.
- activeTab / tabs — Detect which page you copied from, so CopyFlow can show the source next to each clip.
- contextMenus — Show your recent clips in the right-click menu for quick pasting.
CopyFlow does not request access to your browsing history, bookmarks, downloads, or any data beyond what is listed above.
Data export and deletion
You can export all your data as a JSON file at any time using the export feature in CopyFlow's popup menu. You can also delete individual clips, or clear all clips at once. Uninstalling the extension permanently deletes all stored data.
Third-party services
CopyFlow does not use any third-party services, SDKs, analytics platforms, or advertising networks. There is no server-side component.
Children's privacy
CopyFlow does not knowingly collect any data from children under the age of 13.
Changes to this policy
If this privacy policy changes, the updated version will be posted at this URL with a new "Last updated" date. Since CopyFlow has no way to contact users (we don't collect email addresses), we encourage you to check this page occasionally.
Contact
If you have questions about this privacy policy, you can reach the developer at:
Email: alanwmurphy@gmail.com