Makro Privacy Policy

Effective Date: February 12, 2026  •  Last Updated: May 10, 2026

TechHQ USA, LLC (“we”, “us”, “our”) operates the Makro browser extension (“Makro”, “the Extension”). This Privacy Policy explains what data Makro collects, how it is used, and your rights regarding that data.

1. Data We Collect

1.1 Data Stored Locally (All Users)

The following data is stored on your device using the browser’s extension storage and never leaves your device unless you enable cloud sync:

• Macros: Hotwords, titles, body text, tags, keyboard shortcuts, and category structure
• Settings: Theme preferences, editor options, AI provider configuration
• Usage statistics: Per-macro usage counts and timestamps (for the Stats tab)
• Clipboard history: Recent clipboard entries (if you enable this feature). Clipboard data is encrypted and stored locally only. Entries that appear to be passwords are automatically excluded if the “Skip passwords” setting is on. An optional “Auto-clear clipboard” toggle automatically clears sensitive entries (passwords, API keys) after a configurable delay.
• Smart Copy (OCR) data: When you use Smart Copy to extract text from an image, the image is fetched from its source URL and processed locally on your device using tesseract-wasm (WebAssembly). No image data is sent to our servers. The image buffer may be temporarily cached in browser session storage (cleared when you close your browser) to allow retries without re-fetching. The extracted text is also held in session storage for the [$OCR_RESULT] placeholder. On Chrome, image processing runs in an offscreen document; on Firefox, it runs in the extension’s event page.
• Device identifier: A randomly generated UUID used for encryption key derivation. This is not linked to your identity.
• Encryption keys: A device-specific key and a random salt, used to encrypt your local data with AES-256-GCM.

1.2 Anonymous Telemetry (All Users)

Makro sends a weekly anonymous heartbeat to our server. Telemetry is split into two tiers so you control exactly what is shared:

Tier 1 - Basic Analytics (opt-in during onboarding; can be changed in Settings > Privacy Controls)

Data	Purpose	Retained
Extension version	Track adoption of new versions	1 year, then auto-deleted
Browser platform	Understand platform distribution	1 year, then auto-deleted
Browser locale	Prioritize localization efforts	1 year, then auto-deleted
Country (derived from IP by Cloudflare)	Understand geographic distribution	1 year, then auto-deleted
Subscription tier (free, pro, or premium)	Understand tier distribution	1 year, then auto-deleted
Macro count (aggregate total)	Understand usage scale	1 year, then auto-deleted
Expansion count (aggregate total)	Understand feature adoption	1 year, then auto-deleted
Category count (aggregate total)	Understand organizational complexity	1 year, then auto-deleted
Time saved (estimated seconds)	Aggregate productivity metrics	1 year, then auto-deleted
Days since install	Understand retention	1 year, then auto-deleted
Build type (isDev flag)	Keep test installs and uninstall pings out of real-user metrics (so they don’t inflate our usage stats)	1 year, then auto-deleted

Tier 2 - Detailed Analytics (separate opt-in; disabled by default)

Only sent if you explicitly enable “Detailed usage analytics” in Settings > Privacy Controls. This data helps us understand which features to improve.

Data	Purpose	Retained
Browser name (e.g. Chrome, Firefox)	Prioritize browser-specific fixes	1 year, then auto-deleted
AI provider (ollama, lmstudio, or cloud)	Understand AI feature usage	1 year, then auto-deleted
Theme (dark or light)	Prioritize theme improvements	1 year, then auto-deleted
Import source (last format used)	Prioritize importer maintenance	1 year, then auto-deleted
Features used (list of enabled toggles)	Understand feature adoption	1 year, then auto-deleted

This heartbeat is:

• Weekly - sent once every 7 days while the extension is active (rate-limited to 1 per device per day)
• Anonymous - your device ID is hashed (SHA-256, one-way) before transmission; we cannot link heartbeats to your identity
• IP not stored - your IP address is used for rate limiting (discarded within 24 hours) but never saved to our database
• Auto-deleted - telemetry records are automatically purged after 1 year
• Best-effort - if the request fails (offline, network error), it is silently dropped with no retry
• No personal data - no macro content, browsing activity, or personal information is included. Aggregate counts and feature flags cannot be linked to your identity
• Two independent toggles - you can enable or disable Tier 1 and Tier 2 independently via Settings > Privacy Controls

Why we collect this data: These aggregate metrics help us understand how many people use Makro, which platforms to prioritize, and whether new features are adopted. The data is purely statistical - it contains no names, no email addresses, no browsing history, no macro content, and no information that could identify, profile, or track any individual user. We never sell, share, or provide this data to third parties. It exists solely to help us build a better product.

1.3 Data Transmitted to Our Servers (Pro and Premium Users)

When you activate a paid subscription, the following data may be transmitted:

Data	When	Purpose
License key hash (SHA-256; raw key never leaves your device)	Every API request	Subscription validation and tier enforcement
Encrypted macros	When you click “Sync to Cloud”	Cross-device synchronization
Encrypted category names	When you click “Sync to Cloud”	Category structure synchronization
Device ID and device name	During cloud sync	Multi-device management
Sync timestamps	During cloud sync	Conflict resolution
Macro text (Pro and Premium)	When you use AI Rewrite or Semantic Search	AI text processing
OCR-extracted text (Smart Copy beta participants on Pro or Premium)	When you trigger AI Cleanup after a Smart Copy extraction (Smart Copy is currently beta-gated; see Section 1.7)	AI text cleanup of OCR results

AI text is sent only for the specific rewrite, search, or cleanup operation you initiate and is not stored after processing. AI-generated content is for general informational purposes only and does not constitute professional advice (legal, medical, financial, etc.).

Local AI Only mode: If you enable the “Local AI only” toggle in Settings > Privacy, all AI processing is restricted to local AI (Ollama or LM Studio) on your device. No macro text is sent to our servers or any third party. This toggle is independent of your subscription tier.

1.4 Website Form Data

If you use the beta signup or contact form on our website, we collect the following data depending on the form:

• Beta signup: email address, current tool usage (survey checkboxes), websites of interest (survey checkboxes), and an optional use-case description
• Contact form: name, email address, message category, and category-specific fields (bug details, billing issue description, or general message)

For contact form submissions, your IP address is hashed (one-way, irreversible) for abuse detection; the raw IP is never stored. Both forms use Cloudflare Turnstile for bot protection, which loads a third-party script from Cloudflare (challenges.cloudflare.com). This data is used solely to respond to your inquiry or notify you about beta access. It is not shared with other third parties or used for marketing.

1.5 Website Analytics

When you visit our website, we collect anonymous analytics: page path, referrer domain, country (from Cloudflare), UTM campaign parameters (if present in the URL), and a daily-rotating one-way hash of your IP for unique visitor counting. We also track anonymous button click events (e.g. "install clicked") to understand how visitors interact with our pages. No cookies and no cross-site tracking. The only third-party script loaded on our website is Cloudflare Turnstile for bot protection on the beta signup and contact forms. Analytics data is automatically deleted after 90 days.

1.6 Data We Do NOT Collect

• Names or personal identifiers (except when voluntarily submitted via website forms)
• Browsing history or web activity
• Location data
• Financial or payment information (payments are handled entirely by Polar.sh)
• Page content from websites you visit (Smart Copy reads only the specific image you right-click, not other page content)
• Keystroke data outside of explicit macro expansions you trigger

1.7 Beta Features

A small number of features are currently beta-gated and only visible to users who have signed up at makroexpander.com/beta and been granted beta access on their license:

• Smart Variants: Context-aware macro bodies that pick a different expansion based on the site, time of day, language, or other conditions. When beta is off, the editor section shows a locked overlay with a signup link; no Smart Variants data is collected, stored on our servers, or transmitted as part of telemetry.
• Conditional placeholders [$IF:…]…[$ELSE]…[$ENDIF]: Inline conditions inside macro bodies. For users without beta access, the [$ELSE] branch is used if present, otherwise the condition text is left as a literal. No additional data is collected.
• Smart Copy (OCR): Right-click image-to-text extraction. Currently beta-gated; the right-click entry opens the beta signup page for non-beta users. When enabled, the OCR extraction step runs locally on your device via tesseract-wasm (no image data sent to our servers, as described in Section 1.1). If you additionally trigger AI Cleanup on the extracted text (Pro and Premium only), that text is processed by whichever AI provider you have configured: if you have selected a local provider (Ollama / LM Studio) or enabled “Local AI only” in Settings > Privacy, the text never leaves your device; if you have selected Makro Cloud, only the extracted text is sent to our cloud AI provider as described in Section 1.3. The raw image is never sent in either case.

Beta features do not change what we collect. They are gated behind a server-set flag on your license and have no separate telemetry. If you join the beta and later opt out, the gates revert to the locked state with no data carry-over.

2. How We Use Your Data

Purpose	Data Used	Legal Basis
Macro expansion	Locally stored macros	Core functionality
License validation	License key	Contract performance
Cloud sync	Encrypted macros, device info	Your explicit opt-in
AI text rewrite	Macro text you select for rewriting	Your explicit action
Semantic search	Macro titles and bodies (for embedding)	Your explicit opt-in
Smart Copy (OCR)	Image URL, image data (processed locally), extracted text	Your explicit action (right-click)
Device management	Device ID, device name	Multi-device sync
Rate limiting	License key, request counts	Service protection
Weekly telemetry (Tier 1)	Version, platform, locale, country, tier, aggregate counts, time saved, days since install	Explicit opt-in (during onboarding); can be changed in Settings
Weekly telemetry (Tier 2)	Browser name, AI provider, theme, import source, features used	Explicit opt-in only (disabled by default)

3. Encryption and Security

3.1 Local Encryption

All macro data stored on your device is encrypted using AES-256-GCM with a key derived via PBKDF2 (600,000 iterations, SHA-256) from a randomly generated device key and a per-user random salt.

Parameter	Value	Standard
Cipher	AES-256-GCM	NIST FIPS 197 / SP 800-38D
Key derivation	PBKDF2 (SHA-256, 600,000 iterations)	NIST SP 800-132
IV / Nonce	96-bit, random per operation	NIST SP 800-38D
Salt	128-bit, random per installation	NIST SP 800-132
Crypto library	Web Crypto API (browser-native)	W3C Web Cryptography API

3.2 Cloud Sync Encryption (Zero-Knowledge)

When you use cloud sync, your macros are encrypted on your device before transmission using a key derived from your license key. Our servers store only encrypted blobs and cannot read your macro content. Only devices with your license key can decrypt the data.

3.3 Sensitive Data Warning

While your macros are encrypted both locally and in the cloud, Makro is not a password manager or secrets vault. Anyone with access to your browser or device can open the extension, trigger your hotwords, and view your macro content in plaintext. We strongly recommend that you do not store passwords, API keys, authentication tokens, or other sensitive credentials in your macros.

3.4 Session Security

Decrypted data is held in memory only during your active session. The session auto-locks after 30 minutes of inactivity. Encryption keys are never stored in plaintext.

4. Third-Party Services

Makro uses the following third-party services for paid features:

4.1 Polar.sh (License Validation)

• Purpose: Validate subscription license keys and determine tier (Free, Pro, Premium)
• Data shared: License key (validated against our Polar.sh organization)
• Privacy policy: https://polar.sh/legal/privacy

4.2 Cloudflare (Infrastructure & Makro Cloud AI)

• Purpose: Hosts our API (Cloudflare Workers) and database (Cloudflare D1) for license validation, cloud sync, and the optional Makro Cloud AI provider (text rewriting, embeddings) via Cloudflare Workers AI
• Data stored: Encrypted macros (cloud sync), device records, AI usage counts
• AI processing: Makro Cloud is an opt-in AI provider that you select in Settings > AI. When selected, the specific text you ask to rewrite or embed is processed transiently by open-source models running on Cloudflare Workers AI; your text is never sent to a third-party AI provider and is not stored, logged, or used for model training. If you have not selected Makro Cloud, no macro text is transmitted for AI processing
• Privacy policy: https://www.cloudflare.com/privacypolicy/

4.3 Local AI - Ollama / LM Studio (Default for new installs)

• Purpose: Local AI providers that run entirely on your machine. Local providers are the default starting point; Makro Cloud is opt-in
• Data shared: None - all processing happens locally on your device and never leaves it
• When: Whenever Ollama or LM Studio is configured as your AI provider in Settings

4.4 Browser Permissions

Makro requests the following browser permissions, which are necessary for core functionality:

Permission	Purpose
storage	Store macros, settings, and statistics locally
clipboardRead	Capture clipboard history (optional, user-enabled feature) and [$CLIPBOARD] placeholder
clipboardWrite	Copy expansion results and extracted OCR text to clipboard
activeTab	Insert text expansions in the active tab
contextMenus	Right-click context menu for quick macro access
alarms	Schedule periodic tasks (license revalidation, auto-backup, weekly telemetry heartbeat)
downloads	Export macros as JSON files
declarativeNetRequest	Modify request headers for local AI (Ollama) CORS compatibility
notifications	Display sync status and system notifications
offscreen	Run OCR text extraction (tesseract-wasm) in a background document (Chrome only; Firefox uses the event page)

We do not request tabs, history, cookies, webRequest, or other broad permissions.

5. Data Retention

• Local data: Stored until you uninstall the extension or clear browser data.
• Cloud sync data: Stored on our servers as long as your subscription is active. Deleted within 30 days of subscription cancellation.
• Trial data: Stored during the 30-day trial period. If you do not subscribe after the trial, server-side data is deleted within 30 days.
• AI usage logs: Request counts (no content) retained for 90 days for quota enforcement, then deleted.
• Device records: Removed when you deactivate a device or cancel your subscription.
• Telemetry heartbeats: Anonymous records automatically purged after 1 year.

6. Data Deletion

You can delete your data at any time:

• Local data: Uninstall the extension or use your browser’s “Clear extension data” feature.
• Cloud data: Contact us at support@makroexpander.com to request deletion of all server-side data.
• Device records: Use the “Manage Devices” feature in the extension to deactivate and remove devices, or contact us at support@makroexpander.com.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data (“right to be forgotten”)
• Export your data (use the extension’s Export feature)
• Restrict processing of your data
• Object to processing of your data

To exercise any of these rights, contact us at support@makroexpander.com.

7.1 California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected and the right to request its deletion. For information on your CCPA rights or to submit a request, contact us at support@makroexpander.com.

8. Children’s Privacy

Makro is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

9. International Data Transfers

Our servers are hosted on Cloudflare’s global network. By using cloud sync or AI features, your encrypted data may be processed in data centers outside your country of residence. Cloudflare maintains appropriate safeguards for international data transfers.

10. Security Incident Response

In the event of a security incident affecting our servers, we will notify affected users within 72 hours as required by applicable law and provide details on impacted data and recommended actions.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by updating the “Last Updated” date at the top of this document and, where appropriate, via in-product notice or email. Continued use of Makro after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or your data:

• Email: support@makroexpander.com

Full terms of service: Terms of Service