Privacy Policy

Last updated: 2026-06-17

This policy covers the Mandate Companion and Receipted Memory browser extensions.

Plain-language boundary

Data stored locally

Mandate Companion

Mandate Companion may store these items in browser extension storage on your device:

Receipted Memory

Receipted Memory may store these items in IndexedDB and browser extension storage on your device:

Data sent off device

The extensions do not send data to Flow Memory servers.

Data can leave your device through user-directed actions:

Export contents

Mandate Companion redacted export

A Mandate Companion export is intended for offline verification. It can include signed mandates, revocations, signed receipts, receipt hashes, chain data, public keys, verifier-facing metadata, verifier results, and redacted summaries. It is not a promise that every underlying page value is absent; inspect exports before sharing.

Receipted Memory compliance export

A Receipted Memory compliance ZIP can include `receipts.jsonl`, `public_key.txt`, `README.txt`, and an offline `verifier.html`. Receipts include released field ids and commitments, withheld field ids, input hashes, timestamps asserted by the client, public keys, signatures, and chain data. Released values are inserted into the provider prompt, not intentionally stored in portable receipts, but prompts, field ids, filenames, or user-added context can still contain personal or sensitive data.

Verifier distribution details are documented in `docs/VERIFIER_DISTRIBUTION.md`; coverage gaps and non-claims are documented in `docs/COVERAGE_GAPS.md`.

Recovery and escrow

There is no Flow Memory account recovery or server escrow for either extension.

Permissions

The extensions request browser permissions to store local data, display extension UI, and interact with the websites or origins needed for the feature. Host access is used to read the current page context or insert user-approved content. Review the store listing and browser install prompt before enabling a site.

Children's data

These extensions are not directed to children. Do not use them to collect, store, or disclose data from children unless you have the required authority and have evaluated the receiving websites and providers yourself.

No professional advice

The extensions and their receipts, mandates, suggestions, verifier output, and examples are not legal, compliance, investment, financial, tax, medical, or security advice. You are responsible for deciding whether a release, mandate, export, or provider use is appropriate for your situation.

Changes

If this policy changes, the updated file should ship with the extension package and the Web Store listing should point to the current version. Continued use after an update means you accept the updated policy.

Contact

Use the support path in `SUPPORT.md`. Do not include provider API keys, vault passphrases, recovery codes, or unredacted exports in support requests.