Privacy Policy
What we collect, why we need it, and the controls you have over your Trovepile library.
1. Overview
Trovepile (“we,” “us,” “our”) provides a workspace for saving browser sessions, bookmarks, highlights, and optional notes and tasks. This Privacy Policy explains how we handle personal data when you use our website, apps, and APIs.
We do not sell your personal data. We do not use your saved library to train our own machine-learning models. When you turn AI features on, inference may be processed by vetted subprocessors (see Subprocessors) solely to provide the feature you requested.
This policy should be read together with our Terms of Service and the product-specific notes on FAQ.
2. Data we collect
Account information
When you register or sign in, we collect identifiers needed to authenticate you and operate your account — for example your email address, display name, authentication provider tokens, and plan or billing status metadata.
Workspace content
When you use Trovepile, you may store:
- Tab sessions and bookmark metadata (URLs, titles, tags, folders, revisit dates)
- Highlights and annotations from pages you choose to capture
- Optional notes, tasks, and workspace organization data
- Sharing settings, collaborator invitations, and public-link configuration
We store this content so you can organize it, sync it across supported devices, search it, and share it according to your settings.
Extension and page context
The browser extension reads tab metadata and page excerpts only when you initiate capture or page chat. Page chat sends an ephemeral excerpt with your question; that excerpt is not added to your library unless you explicitly save the page. We do not collect your full browsing history.
Usage, diagnostics, and billing
We collect operational logs (API requests, errors, quota usage), AI usage counters where applicable, and billing or invoice records for paid subscriptions. Payment card details are handled by our payment processor — we do not store full card numbers on Trovepile servers.
3. How we use data
We use personal data to:
- Provide, maintain, and improve the Trovepile service
- Authenticate you and sync your workspace across supported surfaces
- Enforce plan entitlements, quotas, and security controls
- Respond to support requests and abuse reports
- Send transactional email (account, billing, security) and, if you opt in, product digests
- Comply with legal obligations and protect our users and systems
Import and export tools exist so you can back up or migrate your library. See FAQ for current availability by plan.
4. AI features
AI capabilities (smart search, library assistant, page chat, suggestions, summarize, and related features) operate on your saved library and, when you use page chat, the page excerpt you send with a question.
You control AI from Settings → AI:
- A master switch can disable all AI features
- Per-feature toggles let you turn individual capabilities on or off
- You can exclude specific workspaces from AI indexing and search
- Optional anonymized telemetry for model quality is off by default
When AI is enabled, relevant text from your library may be embedded and retrieved to answer your queries. Embeddings are stored to power search and assistant features and are removed when you delete the underlying content or your account.
If you use Bring Your Own Key (BYOK) on a supported plan, your OpenAI API key is stored encrypted and used only for your account’s AI requests. See BYOK FAQ.
7. Retention
We retain your workspace content while your account is active. If you cancel a paid subscription, paid features continue until the end of the period you already paid for, then your account moves to Free-tier entitlements.
Billing invoices and anonymized payment records may be retained for up to seven years where required for tax and accounting compliance.
8. Vault
When you downgrade or cancel and your library exceeds Free-tier quotas, items over the limit are moved to your Vault rather than deleted immediately. Vaulted items are retained for:
- 90 days after a normal downgrade or cancellation
- 30 days in some trial-expiry workspace scenarios
During the retention window you can restore vaulted items if your plan has quota, export them from Settings, or resubscribe to trigger automatic bulk restore where available. After the retention period, vaulted items are permanently deleted, including related search embeddings.
See also Terms — Cancellation and plan limits.
9. Account deletion
You may request deletion of your account from the app (Settings) or by contacting us. Deletion is subject to a 30-day undo window during which you can cancel the request. After confirmation:
- Your workspace data and AI embeddings are hard-deleted
- Authentication credentials are revoked
- Billing invoices are anonymized but may be kept for legal retention periods
Account deletion is separate from subscription cancellation. Canceling a paid plan moves you to Free entitlements and may vault excess data; deletion removes your account entirely.
10. Your rights
Depending on where you live, you may have rights to access, correct, export, restrict, or delete personal data we hold about you — including under the GDPR, India’s DPDP Act, and the CCPA/CPRA.
To exercise these rights, email privacy@trovepile.com. We will respond within the timeframe required by applicable law (typically 30 days). You may also use in-app export tools where available.
11. Subprocessors
We use infrastructure and service providers to run Trovepile, including cloud hosting, authentication, email delivery, error monitoring, and — when AI features are enabled — model inference providers such as OpenAI.
Subprocessors process data only to provide the services we contract for and under appropriate security and confidentiality terms. When you disable AI features, we do not send library content to AI inference providers for those features.
12. Staff access
A small number of authorized Trovepile employees may access operational tools to provide support, investigate abuse, process billing, and maintain the service. Access is restricted, logged, and subject to multi-factor authentication.
We do not browse your bookmark or note contents for casual review. Content may be accessed only when necessary to investigate a support ticket or Terms-of-Service report you or another user filed. You may request an export of admin actions taken on your account by emailing privacy@trovepile.com.
13. Children
Trovepile is not directed at children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal data from children. Contact us if you believe a child has provided personal data and we will delete it.
14. Changes to this policy
We may update this Privacy Policy as the product or legal requirements change. We will post the revised policy on this page with an updated effective date. Material changes may also be communicated by email or in-app notice where appropriate.
15. Contact
Privacy questions and data-rights requests:
- privacy@trovepile.com
- General support: support@trovepile.com
See also our contact page.
This policy is written for customers. Engineering details for operators and developers live in the repository’s internal documentation and may be more specific than this summary.