Skip to content
LangtonTools

Privacy

The data story, in plain language.

Two surfaces to cover: this website, and the Chrome extensions. Both follow the same rule — collect the minimum, store the minimum, send nothing without explicit user action.

Last updated: 2026-05-08

The website

No analytics. No Google Analytics, no Plausible, no Fathom, no PostHog. The site logs nothing about who visits. If a future version adds privacy-preserving analytics (server logs only, no cookies), this page will be updated explicitly.

No cookies. The site sets no cookies of its own. The Cmd+K search modal stores nothing in localStorage.

One third-party request: Google Fonts. Fonts are loaded from fonts.googleapis.com and fonts.gstatic.com. Google receives the IP address and User-Agent of your browser when those fonts load. There is no client-side script from Google. If self-hosting fonts is a priority, the site is structured so a single config edit switches the source.

Hosting. The site is statically exported and served by Netlify. Netlify can see standard server access logs (IP, User-Agent, requested path). The site itself does not correlate or store this data.

The extensions

Storage is local-only by default. Every extension uses chrome.storage.local under a single namespaced key (langton_workspace). Data never leaves your browser unless you explicitly trigger an action that sends it (export to CSV, AI rewrite, etc.).

Minimum-viable permissions. Most tools only request storage. The few that need page access (Scout, PageTag, Loupe, Ads Lens) limit content scripts to specific domains and only run when you click into the extension. None of them ask for <all_urls>.

AI calls are opt-in and direct. The handful of extensions that use AI (Brief, Scrub, Persona Lens, Lingo Check, Intent Classifier, Hierarchy Builder) only run when an Anthropic API key is configured in preferences. The browser calls api.anthropic.com directly — there is no Langton proxy. The key is stored in chrome.storage.local with an in-popup disclosure that this storage is unencrypted.

External integrations. When you connect Google Sheets, Zapier, or Slack via preferences, the relevant extension calls those APIs directly from your browser using the tokens you provided. Tokens are stored in chrome.storage.local alongside the workspace data.

No telemetry. The extensions do not phone home for usage analytics, error tracking, feature usage, or version-check pings. If a future tool needs error reporting, it will be opt-in and surface a clear disclosure.

What we never do

  • Sell or share data with third parties
  • Run remote code via the extension
  • Track users across sites
  • Use cookies, localStorage, or fingerprinting on this site
  • Send any extension data to a Langton-controlled server

Contact

Questions, concerns, or "I think this is wrong" — file an issue on GitHub. The privacy posture is part of the product; if it's not accurate to what the code does, that's a bug worth fixing.

Terms of use →