Privacy Policy

    Last updated: April 2026

    The short version

    Enquire is a Chrome extension + cloud bridge that lets AI agents act inside your browser session. The whole point of the product is that we use as little of your data as possible and run as much as we can locally. Concretely:

    • Pages you visit, what you click, what's on screen — these stay in your browser. Enquire does not send them to any server unless you explicitly ask the agent to do something that requires it (e.g. summarise a page, where the page text goes to whichever LLM you configured).
    • Your accounts and passwords — never read, never transmitted. The agent uses your existing logged-in session the same way you do.
    • What we DO store on our servers: your email, agent procedures (skills) you save, billing usage telemetry (token counts), and conversation logs you opt into syncing. Details below.

    What we collect

    1. Account data

    When you sign up via app.enqr.dev/sign-in, we store: email, password (hashed via bcrypt by Better Auth), name, billing tier (BYO or managed). Standard authentication infrastructure.

    2. Procedures (skills)

    When you save a procedure for an agent to replay later, we store the YAML body, content hash, Ed25519 signature, and metadata (success rate, last run). You can edit and delete these at any time on the dashboard.

    3. Usage telemetry

    Every tool call your agent makes through our bridge writes a small record: which tool, when, how many input/output tokens, the estimated cost, the latency. We use this for billing (managed mode) and to render the cost dashboard. We do not store the tool's arguments or its result content.

    4. Conversations (optional)

    If you enable conversation sync, we store the conversation history (your messages, tool calls, results). This is off by default; conversations live in your browser unless you turn on sync. You can delete any conversation server-side via the dashboard.

    5. What we do not collect

    • The contents of the pages you browse
    • Your cookies, local storage, or any site you're logged into
    • Your browsing history
    • Keystrokes, mouse movements, or any user input outside agent flows
    • Information from sites you visit while not actively using Enquire

    Third parties

    LLM providers (your choice)

    When the agent runs, it calls a Large Language Model. You pick which one in Settings. In BYO mode, you configure your own API key and the LLM provider (Anthropic, OpenAI, Google, AWS Bedrock, Azure, Ollama) gets the agent's prompts and tool results directly from your browser — Enquire's servers don't see them. In managed mode, prompts are routed through our bridge to Anthropic Claude; we see the token counts but not the content.

    Infrastructure providers

    • Vercel hosts the dashboard you're reading right now.
    • Railway hosts the API and bridge services and a Postgres database. Postgres is encrypted at rest.
    • Stripe processes payments for managed-tier users. We never see your card details — they live with Stripe. We store your Stripe customer ID and subscription status.

    Each provider has its own privacy policy; we recommend skimming them.

    How long we keep things

    • Account: until you delete it. Deletion is immediate from our side; backups roll off after 30 days.
    • Procedures: until you delete them. Deleted procedures are soft-deleted (archived) for 30 days then purged.
    • Usage telemetry: 13 months, then aggregated and individual records purged.
    • Conversations (if synced): until you delete them. We keep them indefinitely otherwise.
    • Webhook + Stripe records: as required by financial regulations (typically 7 years for tax records).

    Your rights

    You can, at any time:

    • Export everything we have on you: app.enqr.dev → Account → Export
    • Delete your account: app.enqr.dev → Account → Delete — this cascades to procedures, conversations, and usage logs.
    • Toggle conversation sync on/off in Settings.
    • Sign out of the extension to revoke its bridge access without deleting data.

    If you're in the EU/UK and want to exercise GDPR-specific rights (rectification, restriction, objection), email the address below.

    Children

    Enquire is not intended for users under 13. If you believe a child has signed up, email us and we'll delete the account.

    Changes to this policy

    We'll post material changes to this page and announce them at the top of the dashboard. Continued use after the change constitutes acceptance.

    Contact

    Privacy questions or requests: privacy@enqr.dev.

    Back to home