Privacy Policy

Last updated: January 11, 2026

Cocoon is designed with privacy as a core principle. We don't collect, store, or sell your data. All filtering happens using AI models you control through your own API key.

What We Don't Collect

  • No personal information
  • No browsing history
  • No analytics or usage tracking
  • No telemetry
  • No account creation required

Cocoon has no servers. We don't see your data, period.

How Filtering Works

When Cocoon encounters a page (like X/Twitter), it analyzes the page structure in your browser and sends text content to an AI model for filtering decisions. Here's exactly what gets sent:

  • Your preferences: Interests you want to keep, topics you want to hide
  • Page structure: HTML element types, CSS classes, and page layout information
  • Text content: Post text, headlines, and visible text from the page (typically 200-400 characters per post)
  • Current URL: The page you're browsing to provide context

This data is sent to OpenRouter, an AI API gateway. You provide your own OpenRouter API key, giving you full control and visibility into what's being processed.

Third-Party Data Processing

OpenRouter routes requests to AI models (currently Google Gemini 3 Flash). According to OpenRouter's privacy policy, they do not train models on your data or store request contents long-term. Requests are processed and discarded.

You can review your API usage directly in your OpenRouter dashboard. You're billed by OpenRouter based on your usage—Cocoon receives no payment or data from this process.

Local Storage

Cocoon stores the following data locally in your browser:

  • OpenRouter API key: Stored encrypted in browser storage (sync)
  • Preferences: Your interests and blocks (sync)
  • Stats: Count of posts filtered, pages processed, time saved (local only)
  • Theme settings: Visual customization preferences (sync)

"Sync" storage syncs across browsers where you're signed into the same browser account (Chrome Sync, Firefox Sync). This is handled entirely by your browser—not by Cocoon's servers.

Permissions Explained

Cocoon requests the following browser permissions:

  • Access to all websites: Required to filter content on any page you visit
  • Storage: To save your preferences locally
  • Active tab: To know which page you're viewing for context-aware filtering

These permissions are standard for content filtering extensions and are used solely for filtering functionality—not data collection.

Data Security

Your API key is stored using browser.storage.sync, which uses encryption in transit. All filtering decisions happen in real-time—nothing is logged or persisted by Cocoon beyond local statistics.

Changes to This Policy

We'll update this page if our privacy practices change. The "Last updated" date at the top reflects the most recent changes.

Contact

Questions about privacy? Email hey@davey.design