privacy policy
Effective June 10, 2026 · applies to the shai browser extension (v2)
shai helps you see where the story happens: select a passage while you read, choose shai one, and shai draws an editorial mini-map of the places in that passage. This policy describes exactly what data the extension handles. The short version: shai sends only the passage you selected (plus the page title and URL) to the shai service, only when you invoke it. It never scans or ingests the full page, and it never sells your data.
what is sent, and when
Nothing is sent until you select text and choose shai one from the right-click menu. At that moment the extension sends to the shai service:
- the selected text;
- the current page URL and page title (used only to disambiguate places — the service never fetches or browses the page);
- up to 200 characters before and after the selection from the same page context (to help disambiguate places — e.g., which "Cambridge" is meant);
- the page language, if available.
what is never collected
- The extension does not scan, read, or upload the full page.
- The extension does not run on any page until you invoke it on selected text.
- No accounts, no sign-in, no profiles. We do not know who you are.
- No browsing history, no keystrokes, no form data.
- No third-party analytics or trackers in the extension.
- Your data is never sold and never used for advertising or creditworthiness purposes.
how the data is used
The selected passage and its minimal context are used for one purpose only: generating the editorial mini-map you asked for. To do that, the shai service (running on Cloudflare Workers) passes data to two kinds of processors:
- a language model API (Google Gemini) receives the selected passage to identify the places and spatial story in it;
- geocoding providers (Geocode Earth, OpenCage) receive only place names derived from the passage — never the passage itself, never the page URL.
These processors are used solely to fulfill the request and are not permitted to use the data for their own advertising.
retention
The service keeps short operational logs of requests (the selected passage, the derived map plan, and timing/diagnostic data) to monitor quality and fix failures during the beta. Logs are not linked to any identity, are accessible only to the developer, and are periodically purged. Generated maps you download are yours and are stored only on your device.
permissions, explained
- activeTab — lets shai act on the current tab after your explicit action;
- contextMenus — shows the shai one menu item only when text is selected;
- scripting — injects the map renderer into the page only after you invoke shai.
The extension requests no host permissions and installs no persistent content scripts — it cannot observe pages you visit.
your rights
The same protections apply everywhere, including the EU/EEA: we collect minimal data, do not profile users, and you can request deletion of request logs via the contact email below.
changes
If this policy changes materially, the effective date above will be updated and the change summarized here before it takes effect. No changes since initial publication (June 10, 2026).
contact
Questions or requests: shai@mcar.eu.org