Privacy Policy

Your data stays yours.

We built Esticra to help you — not to harvest your data. Here's exactly how we handle your information, written in plain English.

Last updated: May 15, 2026

TL;DR

  • Images are processed and immediately discarded — never stored
  • We don't sell, share, or monetize your data — ever
  • No tracking pixels, no fingerprinting, no ad networks
  • Extracted text lives only in your browser's local storage
  • You can delete all local data at any time

1. What we collect

Screen captures (transient)

When you use Esticra to extract text, the selected area of your screen is sent to our OCR processing server. This image exists in server memory only for the duration of processing (typically under 3 seconds) and is immediately discarded — it is never written to disk, logged, or stored in any database.

Extracted text

The text returned from OCR processing is stored only in your browser's local storage on your device. We do not retain, log, or have access to the extracted text after it is returned to your browser.

Anonymous usage metrics (optional)

We collect minimal, fully anonymized metrics to improve reliability: error codes (not content), response times, and browser type. These contain no personally identifiable information and cannot be linked back to you. You can opt out at any time in extension settings.

2. What we never collect

  • Your name, email, or any personal identifiers
  • Browsing history or page content beyond what you explicitly capture
  • Cookies for tracking or advertising purposes
  • IP addresses (our server does not log them)
  • Keystroke data, form inputs, or clipboard contents

3. How processing works

01

You select an area on your screen

02

The image is sent via encrypted HTTPS to our server

03

OCR runs in memory — text is extracted

04

Text is returned to your browser; image is permanently deleted

The entire round-trip typically completes in under 3 seconds. No part of your image or text is ever persisted on our infrastructure.

4. Data security

All communication between your browser and our server is encrypted with TLS 1.3. Our processing server runs in isolated containers with no persistent storage attached. We follow security best practices:

  • End-to-end HTTPS encryption for all data in transit
  • Stateless processing — no database, no file system writes
  • Regular security audits and dependency updates
  • Minimal attack surface — our server only accepts OCR requests

5. Third-party services

Our OCR backend is hosted on Render (render.com), a SOC 2 Type II certified hosting provider. We use AI models for text recognition that process data in memory only. We do not integrate any analytics platforms, advertising networks, or data brokers.

6. Your rights & control

  • Delete local data: Clear your browser's extension storage at any time to remove all saved results
  • Opt out of metrics: Disable anonymous usage reporting in extension settings
  • Uninstall: Removing the extension deletes all associated local data
  • Data portability: Your extracted text is stored in standard formats accessible to you
  • Right to know: Contact us anytime to ask what data (if any) we hold — the answer is none

7. Children's privacy

Esticra is not directed at children under 13. We do not knowingly collect information from children. Since we don't collect personal information from anyone, this is inherently satisfied.

8. Changes to this policy

If we make material changes to this policy, we'll notify users through the extension's update notes and update the date at the top of this page. We will never weaken privacy protections without explicit notice.

9. Contact

Questions or concerns? We're real people and we care about your privacy.

Reach us at privacy@esticra.com

TLS 1.3 Encrypted
Zero Data Retention
No Tracking
SOC 2 Hosting