Privacy Policy
For Wisteria Software products, including ChatGPT Gemini Outline & Export,
Inbox Capture, and Inbox Local / Wisteria Inbox
Last updated: May 16, 2026
Privacy Summary:
- Local Processing: ChatGPT and Gemini conversation content is processed locally in your browser.
- Not Uploaded to Our Servers: We do not upload your chats to our servers.
- No Advertising Trackers: We do not use advertising trackers or sell personal data.
- Minimal Data Collection: We only collect limited information such as email address, license status, and payment information for activation, billing, and support.
- Secure Payments: All payments are processed securely by Paddle, our Merchant of Record.
1. Core Privacy Principles
Wisteria Software is committed to protecting your privacy. Our products, including browser extensions and local applications, are designed with a "local-first" philosophy:
- Localized Processing: All outline generation and content processing run locally in the user’s browser.
- Data Ownership: Your conversation content belongs to you; we do not access, store, or monitor your chat history.
- Transparency: We only collect the minimum information absolutely necessary to operate our services.
2. ChatGPT Gemini Outline & Export
This section applies to our browser extensions for ChatGPT and Gemini:
Conversation Processing: Content read by the extension (to generate directories, outlines, or exports) is processed entirely locally in your browser and is not uploaded to our servers.
Exporting: When you use the export functionality (e.g., export to Markdown), files are generated locally and saved by you.
Data We Collect: To manage your subscription and license, we may collect the following when paid features are enabled:
- Email address
- License activation status
- Payment-related identifiers provided by Paddle (Merchant of Record)
- Support communication data when you contact us
This data is used solely for license verification, billing management, and providing customer support. We do not use this data or your exports for advertising or profiling.
3. Inbox Capture
Inbox Capture is designed to capture user-selected browser content and send it into a local Inbox workflow. The content you capture is processed primarily on your device.
If local integration is enabled, Inbox Capture may connect from the browser to a service running on the same
device, such as a local endpoint like 127.0.0.1 or localhost, in order to pass
captured content into your local Inbox environment.
We do not route captured page content through our servers merely because you use the capture flow locally. If a future feature introduces cloud handling for captured content, that feature should state so clearly at the point of use.
4. Inbox Local / Wisteria Inbox
Inbox Local / Wisteria Inbox is intended to run as a product installed and operated on the user's own device. In this local-first model, your notes, imported content, screenshots, Markdown files, and related working data are stored and processed on your own machine rather than being routed through our servers.
If you configure AI settings, API keys, model preferences, or local integrations for Inbox Local / Wisteria Inbox, those settings are intended to remain in your own local environment unless a future feature explicitly states otherwise.
In other words, the product itself acts as a local server or local service on the user's own device. We do not provide a general cloud storage service for the user's local Inbox content through this site.
5. Payments, Support, and Third-Party Services
We use selected third-party service providers to support payments, hosting, content delivery, security, and infrastructure operations.
Payments are processed by Paddle as Merchant of Record. Paddle may process billing, checkout, and transaction information under its own privacy and compliance framework.
Hosting providers, CDN services, and related infrastructure vendors may process standard technical request data as needed to serve this website securely and reliably.
If you contact support, we may process the information you provide to respond to your request, diagnose issues, and maintain customer support records where reasonably necessary.
6. Legal Basis for Processing
Where applicable under UK GDPR or EU GDPR, we process limited personal data under one or more of the following bases:
- Performance of a contract – to provide paid features, checkout-related services, licensing, and support
- Legitimate interests – to secure our services, prevent fraud and abuse, diagnose issues, and operate the website
- Legal obligations – where we must retain or disclose information to comply with applicable law
7. Data Retention and Security
Local product data remains primarily under your control on your own device. Uninstalling a product, clearing local browser storage, or removing local application data may remove locally stored data, depending on how you use the product.
Server-side logs, licensing records, checkout-related identifiers, and support records are retained only for as long as reasonably necessary for security, fraud prevention, legal compliance, payment administration, and service operations.
We implement reasonable technical and organizational measures designed to protect data against unauthorized access, alteration, disclosure, or destruction.
8. International Data Transfers
Our service providers may process relevant data in the United Kingdom, the European Union, or other jurisdictions, depending on the provider and technical delivery path, in accordance with applicable data protection law.
9. Your Rights and Contact
Depending on your location and applicable law, you may have rights to request access, correction, deletion, restriction, objection, or other information about how your personal data is handled.
To make a privacy-related request or ask a question about this policy, please contact: [email protected]