Scrybe の個人情報保護方針
Scrybe Privacy Policy
Last updated: June 28, 2026
This Privacy Policy applies to the Scrybe browser extension and to the hosted Scrybe backend operated by Shadoweb at https://scrybe-api.shadoweb.fr. If you configure the extension to use a self-hosted or third-party backend, that backend is operated independently and is not covered by this Privacy Policy.
- Summary
Scrybe is designed so that bookmark and history content is encrypted by the browser extension before it is sent to the backend. The hosted backend stores encrypted records and account/device metadata needed to provide sync. The hosted backend is not designed to decrypt your bookmarks, history entries, recovery bootstrap data, or pairing bootstrap data.
- Data Handled by the Extension
The extension may process the following data locally in your browser:
- Bookmark URLs, page titles, favicon URLs, and user-edited bookmark names.
- Browsing history URLs, page titles, favicons, and visit timestamps.
- Extension settings, including the configured backend URL.
- Anonymous account identifiers, device identifiers, device secrets, encryption keys, pairing codes, and recovery codes.
- Website HTML metadata used to discover declared favicons when the browser does not already provide one.
The extension does not intentionally collect names, postal addresses, email addresses, payment information, health information, personal communications, keystrokes, mouse movement, or precise geolocation.
- Data Sent to the Hosted Backend
When you use the hosted backend, Scrybe sends the following data to provide sync:
- Encrypted bookmark and history records.
- Anonymous account and device identifiers.
- Device names shown in the paired browser list, such as a browser/platform label.
- Device authentication material required to authorize sync requests.
- Pairing and recovery records, including hashed or encrypted material needed to pair or recover a browser.
- Operational request metadata that may be produced by normal web server logs, such as IP address, request time, HTTP method, path, response status, and
user agent. - Encryption and Server Access
Scrybe uses client-side encryption for synced bookmark and history content. The hosted backend stores encrypted payloads and does not receive the plaintext master key needed to read synced content. This means the hosted backend is intended to be unable to decrypt your synced bookmark and history data.
Some metadata is still necessary for operation, including account IDs, device IDs, timestamps, sync versioning, and server logs. This metadata may be visible to the hosted backend operator.
- Favicon Discovery
When saving a bookmark or history entry, Scrybe may use the favicon already provided by the browser. If no favicon is available, the extension may fetch the visited page to read declared icon metadata such as <link rel="icon">. This processing is used to identify a favicon and is not used for advertising or behavioral profiling.
- Account Model, Pairing, and Recovery
Scrybe accounts are anonymous and do not require an email address, username, or password. Pairing codes are temporary and are used to add another browser to the same account. Recovery codes are generated when an account is created and should be stored safely by the user. Replacing a recovery code invalidates the previous recovery code.
- Self-Hosted Backends
The extension allows users to change the backend URL. If you use a self-hosted backend or a backend operated by another party, your data is transmitted to that backend instead of the hosted Shadoweb backend. Shadoweb does not control third-party or self-hosted deployments and is not responsible for their security practices, uptime, logs, retention, support, or legal compliance.
- Data Retention
Encrypted sync records are retained by the hosted backend while the anonymous account exists and while the records have not been deleted through the extension. Deleted bookmarks and history entries are removed from active sync storage. Operational logs may be retained for security, abuse prevention, debugging, and service reliability for a limited period determined by hosting and operational needs.
- Data Sharing
Shadoweb does not sell Scrybe user data. Data may be processed by infrastructure providers used to host and operate the service. Data may also be disclosed if required by law, to protect the security of the service, or to investigate abuse.
- Security
Scrybe is built around client-side encryption and authenticated device access. No system can be guaranteed perfectly secure. You are responsible for keeping your browsers, devices, extension installation, pairing codes, and recovery code secure.
- Children
Scrybe is not directed to children under the age required by applicable law. The service does not knowingly collect personal information from children.
- Your Choices
You can delete bookmarks and history entries in the extension. You can clear Scrybe history, disconnect paired browsers, replace your recovery code, or change the backend URL. If you stop using the hosted backend and configure a different backend, future sync requests will be sent to the configured backend.
- Changes to This Policy
This Privacy Policy may be updated as Scrybe changes. Material updates will be reflected by changing the “Last updated” date on this page.
- Contact
For questions about this Privacy Policy or support for the hosted Scrybe service, use the Scrybe support page.