Privacy Policy

Overview

Krill.to ("Krill", "we", "us") is a bookmark management tool for Twitter/X. This policy explains what data we collect, why, and how we handle it.

We keep things simple: we collect what we need to make the product work, nothing more.

Data we collect

Account data. When you sign up, we store your email address and authentication credentials via Supabase Auth. We do not store passwords directly — authentication is handled by Supabase.

Bookmark data. When you use the Krill extension to save a tweet, we store the tweet content, author information, media URLs, and metadata (date, thread structure, article content). This data is scraped from publicly visible tweets on X.

User-generated content. Notes, highlights, collection names, and chat messages you create within Krill are stored in our database.

AI embeddings. We generate vector embeddings of your bookmark content using Google Gemini to power semantic search and AI chat. These embeddings are numerical representations stored alongside your bookmarks.

How we use your data

• Storing and displaying your saved bookmarks, notes, and highlights
• Powering full-text search and semantic search across your bookmarks
• Auto-categorizing bookmarks and suggesting collection matches
• Enabling AI chat — your bookmark content is sent to Google Gemini to generate responses to your questions
• Improving the product based on aggregate, anonymized usage patterns

Third-party services

We use the following third-party services:

• Supabase — Database hosting and authentication
• Google Gemini — AI text generation and embedding creation
• Vercel — Application hosting

Your bookmark content is sent to Google Gemini for AI processing. We do not sell or share your data with any other third parties.

Chrome extension

The Krill Chrome extension operates only on x.com and twitter.com. It reads tweet content from the page DOM when you click the Krill button. The extension does not track your browsing history, inject ads, or collect data from any other websites.

The extension stores your configured server URL in Chrome sync storage. No other data is stored locally by the extension.

Data retention

Your bookmarks and associated data are stored as long as your account is active. You can delete individual bookmarks, highlights, notes, collections, and chat threads at any time. If you delete your account, all associated data is permanently removed.

Security

All data is transmitted over HTTPS. Database access is protected by Supabase Row-Level Security, ensuring users can only access their own data. We do not store passwords or sensitive credentials directly.

Your rights

You can:

• Access and export all your stored data
• Delete any or all of your bookmarks, notes, and highlights
• Delete your account and all associated data
• Contact us with questions about your data at hello@krill.to

Changes to this policy

We may update this policy from time to time. Significant changes will be communicated via email or an in-app notice. Continued use of Krill after changes constitutes acceptance.