Privacy Policy
Last Updated: December 3, 2025
Introduction
Golden Day is committed to protecting your privacy. This Privacy
Policy explains how we handle your data when you use our
bookmarking service, including both our web application and
Chrome browser extension.
Chrome Extension
Our Chrome extension enhances your bookmarking experience by
allowing you to save content directly from any webpage. Here's
what you need to know:
Browser Permissions
The extension requests the following permissions:
- tabs: To detect what type of content you're
viewing (e.g., GitHub repo, YouTube video, Twitter post) and
provide personalized save options
- storage: To securely store your authentication
session locally in your browser
- identity: To enable Google OAuth authentication
- contextMenus: To add "Save to Golden Day" options
in your right-click menu
Website Access
The extension has permission to access specific websites to
provide enhanced features:
- Twitter/X (x.com, twitter.com): To detect and
save tweets with proper metadata
- GitHub (github.com): To detect repositories
and pull requests, and save them with stars, commit info, and
other metadata
- Google Accounts (accounts.google.com): For Google
OAuth sign-in
- Appwrite Cloud (*.cloud.appwrite.io): To sync
your bookmarks to the cloud
- Golden Day API (api.mygolden.day): For additional
features and services
What the Extension Does
- Adds a "Save to Golden Day" button on GitHub repositories
and X/Twitter posts for quick bookmarking
- Detects content type to provide personalized save options in
the right-click menu
- Only reads page data when you explicitly choose to save
something
What the Extension Does NOT Do
- Does not track your browsing history
- Does not read or collect data from pages unless you
explicitly save something
- Does not inject advertisements
- Does not share your data with third parties for advertising
Data Storage
Local Storage (Web Application)
IndexedDB: The web application stores all your bookmarks,
notes, and settings locally in your browser using IndexedDB. This
data never leaves your device unless you explicitly enable cloud
synchronization.
localStorage: We use browser localStorage to store
sync preferences, last sync timestamps, and application settings.
What We Store Locally:
- Bookmarks (URLs, titles, descriptions, tags, hashtags)
- Images and screenshots you save
- Code snippets and text notes
- YouTube videos, GitHub repos, Twitter posts, and other
content types
- Spaces (custom collections) you create
- Your organization preferences (sort order, filters, view
settings)
- Metadata fetched from URLs (titles, descriptions, Open Graph
images, favicons)
- Application settings and sync preferences
Extension Storage
The Chrome extension uses Chrome's storage API to store:
- Your authentication session (to keep you logged in)
- Extension preferences
Cloud Synchronization (Optional)
If you choose to enable cloud synchronization, your data is
stored securely using Appwrite Cloud Services (hosted in
Frankfurt, Germany). When cloud sync is enabled:
- Your bookmarks, spaces, and associated metadata are
encrypted in transit using HTTPS
- Data is stored in Appwrite's secure cloud infrastructure
with industry-standard security
- You can disable sync at any time, and your local data
remains intact
- Synced data is associated with your user account and
protected by authentication
- Only you can access your synced data
What Gets Synced: Bookmarks, spaces, titles, descriptions,
tags, hashtags, metadata, and organization preferences.
What Does NOT Get Synced: Your browsing history,
pages you visit but don't save, or any data from websites you haven't
explicitly bookmarked.
Authentication
Google OAuth
When you sign in with Google, we use Google's OAuth 2.0 service.
During this process:
- Google shares your email address, name, and profile picture
with us
- We use this information to create and identify your account
- We do not receive or store your Google password
- You can revoke Golden Day's access at any time through your
Google Account settings
See Google's Privacy Policy for how they handle your data.
Email/Password Authentication
If you create an account with email and password:
- Passwords are securely hashed and never stored in plain text
- Authentication is handled by Appwrite's secure
authentication system
- We only store your email address and hashed password
Third-Party Services
Golden Day integrates with the following third-party services to
provide our features:
Infrastructure & Authentication
Analytics
- PostHog (EU-hosted): For anonymous product
analytics to understand how features are used and improve
the application. Data is hosted in the EU for GDPR
compliance. We collect anonymous usage data like feature
clicks, page views, and errors. No personal browsing history
is tracked. See PostHog's Privacy Policy.
- Vercel Analytics: For anonymous web
performance monitoring and page view statistics. No personal
information is collected. See Vercel Analytics Privacy.
Payment Processing
- Stripe: For processing subscription
payments for premium features. We never see or store your
credit card details. All payment information is handled
entirely by Stripe's secure infrastructure. We only receive
confirmation of your subscription status. See Stripe's Privacy Policy.
AI Features (Optional)
- Together AI: For generating AI-powered
content summaries when you explicitly request them. Only the
title and description of content you choose to summarize are
sent to Together AI. Your content is not used to train AI
models. This feature is entirely optional. See Together AI's Privacy Policy.
Metadata & Content Enrichment
- GitHub API: For fetching public repository information
(stars, commits, language, owner) when you save GitHub links.
Only public data is accessed, no authentication required.
- YouTube: For fetching public video metadata
(title, thumbnail, channel) when you save YouTube links.
- Metadata Fetching: When you save a URL, we fetch
metadata (title, description, Open Graph images, favicons) directly
from that website to enhance your bookmark. This is done from
your browser to the target website.
Analytics and Usage Data
We collect anonymous analytics to improve Golden Day:
- What we collect: Page views, feature usage (e.g.,
"user created a space"), button clicks, errors, and performance
metrics
- What we DON'T collect: The actual content of
your bookmarks, URLs you save, personal browsing history, or
any personally identifiable information beyond what you provide
during sign-up
- Purpose: To understand which features are popular,
identify bugs, and improve the user experience
- Anonymization: Analytics data is anonymized
and cannot be traced back to individual users
Payment Information
For premium subscriptions:
- All payment processing is handled by Stripe
- We never see, access, or store your credit card information
- We only store subscription metadata: plan type
(monthly/yearly), status (active/cancelled), start date, and
renewal date
- You can manage your subscription and payment methods through
Stripe's secure billing portal
Data We Do NOT Collect
We do not collect, track, or store:
- Your browsing history (beyond bookmarks you explicitly save)
- Content of web pages you visit but don't save
- Credit card or payment information (handled by Stripe)
- Data for advertising purposes
- Data to train AI models (your content is not used for AI
training)
- Cookies for tracking (we only use essential cookies for
authentication)
- Device fingerprints or identifiers beyond standard web
analytics
Data Security
We implement industry-standard security measures:
- All data transmission uses secure encryption (HTTPS/TLS)
- Passwords are hashed using secure algorithms and never
stored in plain text
- Local data is stored securely in your browser's IndexedDB
and localStorage
- Cloud-synced data is protected by Appwrite's security
infrastructure with access controls
- Authentication sessions use secure tokens
- Regular security updates and monitoring
Your Rights
You have the right to:
- Access all your data stored locally at any time
- Delete your data from local storage (clear browser data)
- Disable cloud synchronization at any time
- Request deletion of all cloud-synced data
- Cancel your subscription and request a refund (subject to
our refund policy)
- Revoke Google OAuth access through your Google Account
settings
- Request a copy of all data we have about you
- Opt out of analytics (by using browser privacy tools or ad
blockers)
To exercise these rights, contact us through the app or email us
at the contact information below.
Data Retention
We retain your data as follows:
- Local data: Stored in your browser until you
clear it or uninstall the extension
- Cloud-synced data: Stored until you delete it
or close your account
- Account data: Retained while your account is
active. Deleted within 30 days of account closure
- Analytics data: Anonymized analytics are retained
for up to 2 years for trend analysis
- Payment records: Retained by Stripe per their
policies and legal requirements
International Data Transfers
Your data may be transferred to and processed in:
- European Union: Appwrite Cloud (Frankfurt, Germany),
PostHog (EU)
- United States: Vercel, Stripe, Together AI
All data transfers comply with GDPR and use appropriate
safeguards such as Standard Contractual Clauses.
Children's Privacy
Golden Day is not directed to children under 13. We do not
knowingly collect personal information from children under 13.
If you believe we have collected information from a child under
13, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect
changes in our practices or legal requirements. We will notify
you of any material changes by:
- Updating the "Last Updated" date at the top of this policy
- Displaying a notice in the application
- Sending an email notification for significant changes (if
you have an account)
Your continued use of Golden Day after changes constitutes
acceptance of the updated policy.
Contact
If you have questions about this Privacy Policy or want to
exercise your privacy rights (including data deletion requests),
please contact us: