Privacy Policy

Overview

Magister Browser Control ("the Extension") connects your Chrome browser to your Magister AI marketing agent, allowing the agent to interact with web pages on your behalf. This privacy policy explains what data the Extension accesses, how it is used, and how it is protected.

What Data We Access

When you attach the Extension to a browser tab, it uses the Chrome DevTools Protocol (CDP) to enable your AI agent to interact with that page. On attached tabs only, this may include access to:

• Page content (DOM, text, images displayed on the page)
• Page screenshots for visual understanding
• Network request URLs and responses
• Form field values and input data
• Browser console output
• Cookies and storage associated with the page

Important: The Extension only accesses data on tabs you explicitly attach by clicking the toolbar icon. Tabs you do not attach are never accessed.

What Data We Store Locally

The Extension stores the following in Chrome's local storage (on your device only):

• Connection settings (gateway URL, relay port)
• Authentication token (JWT) for the Magister gateway
• Session state (which tabs are attached, session IDs)

No page content, browsing history, or personal data is stored locally by the Extension.

How Data Is Transmitted

When a tab is attached, browser interaction data (CDP commands and events) is transmitted via a secure WebSocket connection (WSS/TLS) to the Magister gateway server, and from there to your personal AI agent machine. This data is used solely to enable your agent to view and interact with the page on your behalf.

Data is transmitted only to:

• Magister Gateway (magister-gateway.fly.dev) — routes commands between your browser and agent
• Your Agent Machine — your isolated, per-user AI agent running on Fly.io

How Data Is Protected

• Encryption: All data in transit is encrypted via TLS (WSS for WebSocket, HTTPS for API calls).
• Authentication: Integrations require a valid JWT token scoped to your user account. Tokens are generated through your authenticated Magister dashboard.
• Per-user isolation: Each user has their own isolated agent machine. Your browsing data is never shared with other users.
• Server-side policy enforcement: The gateway enforces URL allowlists and read-only mode restrictions. These policies cannot be bypassed by the Extension or agent.
• User control: You choose which tabs to attach and can detach at any time. You can configure URL restrictions and read-only mode in your Magister settings.

Data Retention

The Extension itself does not retain page content or browsing data. CDP data flows through the gateway in real-time and is not stored on the gateway server. Your agent machine may retain conversation logs and task context as part of normal agent operation. You can manage or delete agent data through your Magister dashboard, or by contacting support to request full account and data deletion.

Data Sharing

We do not sell, rent, or share your browsing data with any third parties. Data accessed through the Extension is used exclusively to power your AI agent's browser interactions. No data is used for advertising, analytics, or profiling.

Your Rights

• Disconnect: Remove the connection token in the Extension options to stop all data transmission.
• Uninstall: Remove the Extension from Chrome to delete all locally stored data.
• Delete account: Contact us to request full deletion of your Magister account, agent machine, and all associated data.
• Data access: Contact us to request a copy of any data associated with your account.

Permissions Explained

Contact

For privacy questions, data requests, or concerns, contact us at support@magister.so.