Legal

Privacy Policy

Effective date: July 7, 2026 Version 0.5.0 Contact: hi@stephenlovino.com
Your data never leaves your machine

AI Bridge stores all captured tokens and network data inside a Python server running on your own computer (127.0.0.1). We operate no cloud database and receive no browsing data. The only outbound call AI Bridge makes is a license key validation check — described fully below.

1. What AI Bridge Does

AI Bridge is a developer tool that connects AI assistants (Claude, Hermes, or any tool you configure) to your browser. It lets AI agents read page content, click elements, type text, and access authentication tokens from web applications you are already logged into — enabling automated workflows and auditing tasks.

All actions are routed through a local Python server on your machine. No AI Bridge cloud infrastructure exists between your browser and your AI tools.

2. Data Collected and How It Is Stored

The following table describes everything AI Bridge reads, where it is stored, and when it is discarded.

Data type
Where stored · When cleared
Auth tokens (Bearer, Firebase ID tokens)
Local disk at bridge/.tokens.json on your machine only. Cleared when you delete the file or uninstall the bridge.
Firebase refresh tokens
Local disk at bridge/.firebase_refresh.json. Used to mint fresh ID tokens without requiring a page reload. Cleared when you delete the file.
Network request/response metadata
In-memory only. Capped at 500 entries. Cleared when the bridge server restarts.
CDP network events (Deep Capture)
In-memory only. Captured only when you manually activate Deep Capture. Cleared on restart or when you stop Deep Capture.
Page DOM / accessibility tree
Never persisted. Read on demand by AI tools and passed directly to them in-session.
License key
Stored in chrome.storage.local (your browser profile, local only). Sent to our validation endpoint once to confirm validity — see Section 4.

3. Chrome Permissions Explained

AI Bridge requests the following Chrome permissions. Each one has a specific, scoped purpose.

4. Outbound Network Requests

AI Bridge makes exactly two types of outbound network requests:

License validation

When you enter a license key, the extension sends that key to a Cloudflare Worker we operate at ai-bridge-license.workers.dev. The Worker checks the key against Whop (our payments provider) and returns valid: true/false. No browsing data, tokens, or page content are included in this request. The key is re-checked once every 24 hours while the browser is open.

Firebase token refresh (optional)

If you use AI Bridge with GoHighLevel and have captured a Firebase refresh token, the bridge server may call securetoken.googleapis.com on your behalf to mint a fresh ID token. This request originates from your local machine and contains only the refresh token credential — no user data or browsing history.

No other outbound calls

AI Bridge does not send telemetry, analytics, error reports, or any browsing data to any remote server. It has no cloud database, no session recording, and no advertising network integration.

5. Data Sharing

AI Bridge does not sell, rent, or share your data with third parties. Captured tokens and network data flow only to AI tools running on your own machine or in environments you control (e.g., your own Claude API calls).

Whop receives only your license key to confirm payment status. They operate under their own privacy policy.

6. Your Controls

7. Children's Privacy

AI Bridge is a developer tool intended for adults. We do not knowingly collect data from anyone under the age of 18.

8. Changes to This Policy

Material changes will be reflected in a new effective date and communicated via the Chrome Web Store release notes. Continued use after the effective date constitutes acceptance of the revised policy.

9. Contact

Questions or requests regarding this policy:

Stephen Lovino
Lovino Web Creations
hi@stephenlovino.com