Privacy Policy
Effective Date: April 18, 2026
Last Updated: April 18, 2026
Who We Are
ContinueVault is a product of ContinueVault, LLC. ContinueVault helps you sync your AI conversations to a personal, encrypted vault — so you can search your history, move between platforms, and pick up any session where you left off.
This Privacy Policy explains what data the ContinueVault browser extension and service collect, how we use it, and how we protect it.
What We Collect
Account Information
When you sign up, we collect your email address and authentication credentials, managed through our identity provider (Auth0). We use your email for login, account recovery, and service communications.
Conversation Data
When the ContinueVault extension is active on a supported AI platform and you have approved that account for syncing, the extension saves the text content of your conversations to your vault. This includes the messages you send and the responses the AI generates, along with timestamps, session identifiers, and the platform used.
You choose which AI accounts to sync — each account must be individually approved before any data is saved. The extension does not sync shared chats, private chats, or incognito conversations unless you explicitly enable this.
The extension syncs conversations from these platforms:
| Platform | What is synced |
|---|---|
| Claude (claude.ai) | Conversation messages, timestamps, organization context, model and settings metadata |
| ChatGPT (chatgpt.com) | Conversation messages, timestamps, model metadata |
| Gemini (gemini.google.com) | Conversation messages via DOM observation |
| Grok (grok.com) | Conversation messages (basic sync) |
| DeepSeek (chat.deepseek.com) | Conversation messages, including thinking/reasoning content and timing |
| Perplexity (perplexity.ai) | Conversation threads and responses |
The extension also communicates with your ContinueVault dashboard at continuevault.com to link your browser to your account and keep your vault in sync.
How the Extension Syncs Conversations
To sync conversations as they happen — and to know when a response has finished generating — the extension watches each platform's own conversation API. For example, on ChatGPT, it observes the same /backend-api/conversation/... endpoint that the page itself loads. On Claude, it observes /api/organizations/.../chat_conversations/....
The extension does not modify what the platform sends or receives. It only observes the same data the page is already loading on your behalf, and only from a fixed list of endpoint patterns per platform. The specific endpoints are hardcoded as regex whitelists in the extension source code — nothing is constructed dynamically.
On Gemini, the extension does not access API response bodies at all. It observes when a response stream finishes and then syncs the conversation from the page itself.
No data leaves your browser until you have signed in to ContinueVault, a valid session exists, and you have approved the account for syncing. The extension on an anonymous or signed-out user is completely passive.
Derived Data
Once your conversations are in your vault, ContinueVault processes them to build your knowledge base. This produces session and thread summaries, extracted knowledge items (decisions, approaches, entities, and other structured details), topic classifications and thread groupings, and thread briefings for session continuity.
This processing uses AI APIs (Anthropic, OpenAI) under our service account. Your data is not used by these providers to train their models, per their API terms of service.
Diagnostic Data
The extension includes Sentry for error reporting. When an error occurs, a diagnostic report is sent to Sentry with technical context (stack trace, extension version, browser type). Before transmission, personally identifiable information is stripped: email addresses, authentication tokens, and authorization headers are all scrubbed from the report. We use this data solely to identify and fix bugs.
What We Do Not Collect
We do not collect your browsing history, data from non-AI websites, keystrokes outside of AI conversation interfaces, or any data when the extension is disabled or you are signed out. We do not sync shared chats, private chats, or incognito conversations unless you explicitly enable this in your extension settings.
How We Use Your Information
We use your information to sync and save your conversations in your personal vault, build your knowledge base by extracting and organizing the important details from your history, provide session continuity so your AI can search your vault and pick up where you left off, diagnose and fix bugs using anonymized error reports, and communicate with you for account verification, password resets, and service notifications.
We do not sell your data. We do not use your conversations to train AI models. We do not share your data with advertisers. We do not display advertising.
Data Security
Encryption
Your conversation data is encrypted at rest in your vault using a key unique to you. When your vault isn't active, your conversations can't be accessed. The encryption key is derived per-user and managed by a dedicated key service that is isolated from the application servers.
Infrastructure
Your data is saved on infrastructure hosted in the United States. Each user's vault is logically and cryptographically separated.
Transmission
All data in transit is encrypted with TLS/HTTPS — between the extension and your vault, between your browser and the dashboard, and between the vault and any AI APIs used for knowledge extraction.
Retention
Your conversation data is retained for as long as your account is active, subject to your plan's retention limits (30 days on the free plan; unlimited on paid plans). You may delete individual sessions, threads, or your entire vault at any time through the dashboard. Upon account deletion, all associated data is permanently removed within 30 days.
Browser Extension Permissions
The extension requests these permissions and uses them as follows:
| Permission | Why it's needed |
|---|---|
| storage | Saves your extension settings and session state locally in the browser |
| scripting | Re-injects content scripts after the browser restarts the extension's background worker (required by Chrome's Manifest V3 architecture) |
| alarms | Schedules periodic sync and health checks in the background |
Host Permissions
The extension requests access to these specific sites:
| Site | Why |
|---|---|
| claude.ai | Syncs your Claude conversations to your vault |
| chatgpt.com | Syncs your ChatGPT conversations to your vault |
| gemini.google.com | Syncs your Gemini conversations to your vault |
| grok.com | Syncs your Grok conversations to your vault |
| chat.deepseek.com | Syncs your DeepSeek conversations to your vault |
| perplexity.ai | Syncs your Perplexity conversations to your vault |
| continuevault.com | Links the extension to your ContinueVault account and dashboard |
The extension only activates on these sites. It does not access, monitor, or interact with any other websites.
Third-Party Services
| Service | Purpose | Data shared |
|---|---|---|
| Auth0 | Authentication and login | Email address, login events |
| Stripe | Payment processing | Payment information (handled entirely by Stripe — we do not save card numbers) |
| Sentry | Error reporting | Anonymized diagnostic data (PII stripped before transmission) |
| AI APIs (Anthropic, OpenAI) | Knowledge extraction and summarization | Portions of your conversations, processed under our service account |
| SendGrid | Transactional email | Email address (for verification and notification emails) |
Each third-party service is subject to its own privacy policy.
Your Rights and Choices
Access and Export. You can view all your saved conversations through the ContinueVault dashboard. You may export your data at any time.
Deletion. You can delete individual sessions, threads, or your entire account and all associated data. Deletion is processed within 30 days.
Extension Control. You can disable or uninstall the extension at any time. When disabled, no data is synced or transmitted. The extension popup includes a switch to disable auto-sync, which pauses syncing without uninstalling the extension.
Per-Account Approval. Each AI account must be individually approved before the extension will sync its conversations. You can revoke approval for any account at any time.
Privacy Controls. The extension popup includes privacy settings that let you control whether support staff can access your account metadata or conversation data for troubleshooting. Both are off by default and reset automatically after 24 hours.
Children's Privacy
ContinueVault is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 16, we will delete it promptly.
International Users
ContinueVault is operated from the United States. If you access the service from outside the United States, your information will be transferred to and processed in the United States. By using the service, you consent to this transfer.
For users in the European Economic Area (EEA) or United Kingdom, we process your data on the basis of your consent (provided when you create an account and install the extension) and our legitimate interest in providing the service. You have the right to withdraw consent at any time by deleting your account.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. The "Last Updated" date at the top indicates when the most recent changes were made.
Contact Us
If you have questions about this Privacy Policy or your data:
Email: privacy@continuevault.com
Website: continuevault.com