Privacy Policy
This Privacy Policy explains how Sidenote handles personal data. Sidenote is operated by Lewis Hadden, trading as Sidenote, a sole trader registered in the United Kingdom.
Contact: support@getsidenote.app. Address: 40 Viking Way, Whittlesey, PE7 1DY, United Kingdom.
This policy at a glance
This policy covers, for both the Sidenote browser extension and the web dashboard at app.getsidenote.app:
- Data collection — what personal data we collect, and how it is collected (Sections 2 and 3).
- Data handling and use — how collected data is processed, what it is used for, and the lawful bases for that processing (Sections 4, 5, and 9).
- Data storage — where your data is stored, how it is secured, and how long it is retained (Sections 10 and 12).
- Data sharing — who your data is shared with, the sub-processors we use, international transfers, and what we never do with your data (Sections 6, 7, and 8).
1. Who is the data controller?
For the purposes of UK GDPR and the Data Protection Act 2018, Lewis Hadden (trading as Sidenote) is the data controller for personal data collected through the Sidenote browser extension and web dashboard.
2. Data collection: what we collect
Account data
Your email address, used to authenticate via magic link, and the timestamps of your account creation, trial start, and subscription state changes.
Your mobile phone number, collected once on the web dashboard to verify your account with a one-time SMS code before AI features can be used. We store the number (in international format) and the time it was verified. Verification codes are sent by Twilio (Section 6); we never use your number for marketing and never share it beyond that delivery. Phone verification happens only on the web dashboard — the browser extension never collects your phone number.
Document content
When you use Sidenote on a document — whether a PDF, web article, Confluence page, upload, or a document from a connected account (Google Docs, Notion, a Slack canvas, or SharePoint / OneDrive) — we extract its text (in your browser for files and web pages, or via the provider's official API for connected accounts), send it to our backend, and store the processed text and vector embeddings so we can answer questions and produce summaries about it. Connected accounts are detailed below. You choose between two retention modes per document:
- Store (default): the document content is retained so you can re-open and re-query it later. Cached across users — if another user ingests the same file, neither of you re-pays for indexing.
- Discard: the document content is processed transiently and not retained beyond the current session.
Connected accounts (Google Docs, Notion, Slack, Microsoft SharePoint & OneDrive)
You can connect third-party accounts so Sidenote can read documents you choose to bring in. We connect through each provider's official API and access content only when you explicitly ingest a specific document — we never browse, list, or bulk-read your files, and we never write or post anything back. OAuth tokens for every integration are encrypted at rest; disconnecting an integration immediately deletes its stored tokens. Once ingested, content from a connected account is processed, stored, and retained exactly like any other document.
- Slack canvases: using the user-token scope files:read, we read the text and images of the specific canvas you ingest, then resolve it through the Slack file API and its private download URL. We store your Slack user ID and your workspace/team ID and name to label the connection; Slack does not share your email, and we do not receive it. We do not read your messages or channels, and we never post to Slack.
- Notion: we read the content of pages you have explicitly shared with the Sidenote integration (open a page's ••• menu, then Connections, and add Sidenote) and then choose to ingest. We store your Notion workspace ID and name, the integration's bot ID, and the connection owner's email where Notion provides it.
- Google Docs: using read-only Docs access via the scope documents.readonly, plus your basic profile email, we read the content only of the specific Google Doc you choose to open or ingest. We also request optional read-only Drive access (drive.readonly) for one purpose: exporting that same document as a PDF (Google's files.export) so Sidenote's viewer can display it exactly as Google formats it; the exported PDF is stored with your library copy of that document. We never list, browse, or search your Drive, and we never access any file you did not choose to ingest. You can decline the Drive permission on Google's consent screen and everything still works — Sidenote falls back to an HTML rendering. We store your Google account email; the refresh token is encrypted at rest and the access token is short-lived.
- SharePoint & OneDrive: signing in with Microsoft using delegated, read-only Microsoft Graph scopes (Files.Read.All, Sites.Read.All, User.Read, and offline_access), we read the content only of the specific SharePoint page, Office file, or OneDrive document you choose to open or ingest. We store your Microsoft account email, display name, and tenant ID to label the connection; the refresh token is encrypted at rest and the access token is short-lived. On organisations that restrict application consent, a one-time administrator approval may be required before you can connect.
Google API Services Limited Use
Sidenote's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements:
- We use Google user data only to provide and improve the user-facing features you request (summaries, chat, explanations, glossaries, and in-document citations).
- We do not use Google user data to develop, improve, or train generalised or non-personalised AI/ML models.
- We do not transfer Google user data to third parties except as necessary to provide or improve those user-facing features, to maintain security, or to comply with law — never to advertising platforms, data brokers, or for resale.
- We do not allow humans to read Google user data unless we have your affirmative consent for specific items, it is necessary for security or to comply with law, or the data has been aggregated and anonymised for internal operations.
Usage data
The number of API calls you make, the AI models invoked, and the token counts per call. This is used to enforce free-tier limits and bill Pro subscribers. We do not log document content in usage records.
The browser extension also reports its own technical errors (an error message, a stack trace referencing the extension's code, and the extension version) so we can fix crashes. These reports never include page content, page URLs, selections, or document text, and you can turn them off at any time in the extension's account menu (“Error reports”).
Payment data
If you upgrade to Pro, payment processing is handled by Stripe. We never see or store your card number, expiry, or CVC. Stripe shares with us a customer reference, your last four digits (for display), and your subscription status.
Cookies
The web dashboard sets a single first-party browser-storage entry to keep you signed in. The browser extension stores its session in chrome.storage.local. We do not set advertising cookies, tracking cookies, or third-party analytics cookies.
3. Data collection by the Sidenote Chrome extension
The Sidenote browser extension is the side-panel reader that runs in Chrome. No data leaves your browser until you take an explicit action — opening the side panel, clicking Ingest on a document, asking a question, or signing in. Taking one of those actions is how you consent to the collection and processing described in this policy; no data collection begins without it. Sidenote never crawls your tabs in the background, never bulk-reads your accounts, and never collects data passively.
The extension requests the Chrome permissions below. Each is used only for the purpose listed; none is used for analytics, advertising, profiling, or fingerprinting:
- sidePanel — renders Sidenote's interface in Chrome's native side panel. No user data is collected by this permission itself.
- storage — persists your Supabase authentication session (access and refresh tokens), document-loaded state, and UI preferences to chrome.storage.local so the side panel restores its state across browser restarts. No telemetry and no third-party data is stored.
- activeTab and tabs — let Sidenote read the URL of your current tab, route messages between the side panel and the page's content script for citation scroll-and-highlight, and navigate within a tab when you click a citation chip. We never read tab content you have not chosen to ingest.
- cookies — reads and clears one first-party sign-in presence cookie (sidenote_signed_in) on the getsidenote.app domains, so the side panel reflects whether you are signed in to your Sidenote account. Sidenote does not read, collect, or transmit any third-party cookies.
- Host access <all_urls> — required because Sidenote works on documents you open anywhere in your browser; there is no fixed list of supported sites. The content script is declared for all URLs so it can detect supported documents (PDFs in Chrome's viewer, articles via Readability, Confluence pages via the page DOM) and highlight cited passages in the live page. The content script captures content only when you have the side panel open AND explicitly run an action. It does no work and reads no page content otherwise.
On the web dashboard at app.getsidenote.app, Sidenote also receives the documents you upload or import from a connected account, the questions you ask, and the chat responses generated for you. Every one of these flows is initiated by you and described in Section 2.
4. Data handling: how we use your data
- To authenticate you and keep you signed in
- To process documents you submit and answer your questions about them
- To enforce free-tier limits and bill Pro subscriptions
- To send service emails (magic links, billing receipts, trial reminders)
- To diagnose errors and improve the product
In practice, your data is handled like this: text you choose to ingest is extracted in your browser (or fetched from the provider's official API for connected accounts), sent to our backend over an encrypted connection, processed by the sub-processors listed in Section 6 solely to fulfil the request you made, and stored as described in Sections 10 and 12. It is never used for advertising, profiling, or model training (Section 9), and it is never handled for any purpose beyond the user-facing features you request.
5. Lawful basis for processing
We rely on the following lawful bases under UK GDPR Article 6:
- Contract (Art. 6(1)(b)): processing necessary to provide the service you signed up for — authenticating, indexing your documents, answering your questions, and billing.
- Legitimate interest (Art. 6(1)(f)): aggregate, non-identifying telemetry to keep the service running and improve it, and preventing fraud and free-trial abuse (phone verification and the trial-eligibility records described in Section 10).
- Legal obligation (Art. 6(1)(c)): retaining limited financial records as required by UK tax law.
6. Sub-processors
Sidenote relies on the following processors. Each is contractually bound to process data only on our instructions and to maintain appropriate security:
- Supabase: database + authentication — eu-west-2 (London), UK. Used to store account, document, and chat history data.
- Anthropic: Claude language models — used to generate summaries, chat answers, explanations, and glossary entries. Anthropic does not train its models on our API traffic.
- Voyage AI: text embeddings — used to convert document chunks into vectors for retrieval. Voyage does not train on API traffic.
- Stripe: payment processing and billing portal.
- Twilio: phone verification — receives the phone number you submit and delivers the one-time SMS code. Twilio is not permitted to use the number for any other purpose.
- Resend: transactional email delivery (magic links, receipts, trial reminders).
- Vercel: hosting for the web dashboard and marketing site.
7. Data sharing: how we share your data — and what we don't do
Data sharing is limited to the sub-processors listed in Section 6, and only to the extent each one needs in order to provide the service you asked for. Beyond that:
- We do not sell your data — to anyone, under any circumstance.
- We do not share your data with advertisers, ad networks, marketers, or data brokers, and we do not use your data to target advertising anywhere.
- We do not run third-party analytics against your account. The marketing site uses Google Analytics for aggregate visit counts; the web dashboard and the browser extension do not. Neither surface uses ad pixels or cross-site tracking cookies.
- We do not transfer your data to third parties for any purpose unrelated to providing Sidenote's user-facing features.
- Limited use of your data. Sidenote uses your data solely to operate and improve the user-facing features you request — summaries, chat, citations, explanations, glossaries, billing, and authentication. We do not allow humans to read your content except (a) with your affirmative consent on a specific item, (b) where strictly necessary for security or to comply with law, or (c) in aggregated, anonymised form for internal operations.
If Sidenote ever became part of a corporate transaction (merger, acquisition, or asset sale), we would notify you before any personal data was transferred and you would retain your rights under this policy.
8. International transfers
Anthropic, Voyage AI, Stripe, Twilio, Resend, and Vercel may process data outside the UK, primarily in the United States or European Union. Where this happens, we rely on the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or the UK's Adequacy Regulations as appropriate.
9. AI model training
We do not train AI models on your documents or your conversations with Sidenote. Anthropic and Voyage operate with no-training defaults on the API tiers we use, and we do not fine-tune models on user content. This applies to every source — uploads, web pages, PDFs, and every connected account (Google Docs, Notion, Slack, SharePoint, OneDrive, Confluence) — and to every pricing tier, including the free tier.
10. Data retention: how long we store your data
- Account data: retained while your account is open. Deleted within 30 days of account closure, except the trial-eligibility records below.
- Phone number: retained while your account is open, like other account data.
- Trial-eligibility records: the email address and phone number used to start a free trial, with the trial start date, are retained for as long as Sidenote offers a free trial — including after account closure — so the one-trial-per-person limit cannot be bypassed by re-registering. These records are kept separately from your account and used for no other purpose.
- Document content (Store mode): retained while your account is open or until you delete the document, whichever is sooner.
- Document content (Discard mode): removed within 24 hours of upload. An hourly background sweep deletes the document and its chunks; any shared content row that no other user references is removed at the same time.
- Chat history: retained while your account is open. You can delete individual conversations from the sidebar.
- Usage records: retained for 24 months for billing reconciliation.
- Payment records: retained for 7 years to comply with UK tax law.
- Sub-processor retention: Anthropic retains prompts and responses for 30 days under their standard data policy. Voyage AI does not retain embedding inputs. We do not control these timelines but list them here for transparency.
11. Your rights
Under UK GDPR you have the right to:
- Access the personal data we hold about you (Article 15)
- Have inaccurate data corrected (Article 16)
- Have your data erased (Article 17)
- Restrict or object to certain processing (Articles 18 and 21)
- Receive a portable copy of your data (Article 20)
- Withdraw consent at any time, where consent is the lawful basis
To exercise any of these rights, email support@getsidenote.app. We will respond within one calendar month.
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.
12. Data storage and security
Where your data is stored:
- Account data, document content, and chat history are stored in our Supabase database in London, United Kingdom (AWS eu-west-2), encrypted at rest.
- Uploaded files (for example PDFs) are stored in private storage buckets in the same UK region, accessible only through short-lived signed URLs issued to your authenticated session.
- OAuth tokens for connected accounts are encrypted at rest with AES-256-GCM before storage, and are deleted when you disconnect the integration.
- Payment data is stored by Stripe, not by us (Section 2).
- The extension's session and preferences are stored locally on your device in chrome.storage.local and never leave your browser except to authenticate you with our backend.
How it is secured: network traffic between your browser and our servers is encrypted in transit (TLS). Database access is restricted to service-role credentials and protected by row-level security policies that scope each user's data to their own account. How long it is stored is set out in Section 10.
13. Children
Sidenote is not intended for users under 16. We do not knowingly collect personal data from anyone under 16.
14. Changes to this policy
We may update this Privacy Policy from time to time. The “last updated” date at the top of this page reflects the most recent revision. Material changes will be communicated via email to active accounts.
15. Contact
Questions about this Privacy Policy or how Sidenote handles your data — email support@getsidenote.app.