Privacy Policy
Last updated: March 8, 2026
Morphite ("we", "our", "us") operates the Morphite Chrome Extension. This Privacy Policy explains what data we collect, how we use it, and your rights regarding that data.
1. Information We Collect
The Morphite extension may collect the following types of data:
- Authentication information: Account credentials (via Clerk) to identify you and sync your data across devices.
- Web browsing activity: URLs and page content of tabs you interact with while using Morphite features. This data is collected only when you actively use the extension.
- User activity: Workflow recordings, clicks, and interactions you capture through the extension for automation purposes.
- Website content: Page structure (DOM) accessed via the DevTools debugger API to enable workflow recording and playback.
2. How We Use Your Data
We use collected data exclusively to:
- Record, store, and replay browser workflows you create
- Authenticate your account and sync workflows across devices
- Process page content through AI models to understand and automate workflows
- Improve extension functionality and fix bugs
We do not use your data for advertising, analytics profiling, or any purpose unrelated to the extension's core functionality.
3. Data Sharing
We do not sell, rent, or trade your personal data to third parties.
Your data may be shared with:
- AWS (Amazon Web Services): Cloud infrastructure provider for data storage and AI model processing (Amazon Bedrock).
- Clerk: Authentication service provider for account management.
These providers process data solely on our behalf and are bound by their own privacy policies and data protection agreements.
4. Data Storage and Security
- All data transmitted between the extension and our servers uses HTTPS encryption.
- Local data is stored using Chrome's built-in storage API with standard browser protections.
- Server-side data is stored in AWS with encryption at rest and in transit.
- Authentication tokens are managed by Clerk and stored securely in the browser.
5. Data Retention and Deletion
Workflow data is retained as long as your account is active. You can delete individual workflows at any time through the extension. To request deletion of all your data, contact us at the address below. We will process deletion requests within 30 days.
6. Your Rights
You have the right to:
- Access the data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Export your workflow data
- Withdraw consent by uninstalling the extension and requesting account deletion
7. Permissions Justification
The extension requests the following Chrome permissions, each required for core functionality:
- activeTab: Access the current tab when you ask Morphite to inspect, record, or automate it.
- tabs: Read tab metadata, react to navigation changes, and manage workflow tabs during automation.
- tabGroups: Organize tabs created during workflow runs.
- sidePanel: Display the Morphite interface in a browser side panel.
- debugger: Use Chrome DevTools Protocol for workflow recording, DOM inspection, and automation.
- scripting: Inject content scripts for workflow capture and Clerk auth sync.
- storage: Persist local settings, workflow metadata, and cached state.
- offscreen: Process data in the background without visible UI.
- cookies: Required by Clerk syncHost auth so Clerk's Chrome extension SDK can read and observe the browser session cookies it uses for sign-in state. Morphite does not use this permission for separate cookie scraping or management.
- host_permissions (all URLs): Inject scripts and record or replay workflows on the sites you explicitly choose to automate.
8. Chrome Web Store Compliance
The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically:
- We do not use collected data for personalized advertising.
- We do not sell or transfer data to third parties for advertising or data brokerage.
- We do not use data for creditworthiness or lending purposes.
- Human access to raw user data is limited to security purposes, legal compliance, or with explicit user consent.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the extension after changes constitutes acceptance of the updated policy.
10. Contact Us
For questions about this Privacy Policy or to exercise your data rights, contact us at: