Privacy policy

Last updated: 2026-04-11

Broadsheet is a read-it-later app. You save articles from the web, and we store them in a per-user library so you can read them later. This policy covers both the Broadsheet web app and the Broadsheet Chrome extension (the “service”).

Account data

Authentication is handled by Clerk. When you sign in, Clerk stores the identifiers you provide (email address and, if you use a social login, the provider’s user ID). Broadsheet only receives a stable user ID from Clerk and uses it to scope your library to your account.

Article data

When you save a URL, Broadsheet fetches the page (or receives the rendered HTML from the Chrome extension), parses it into clean Markdown with Mozilla Readability, and stores the result in a per-user volume. Stored fields include the article title, author, canonical URL, saved-at timestamp, tags, read state, and the Markdown body.

Storage uses Vercel Blob in production. Only you (and the Broadsheet operator, for operational reasons such as debugging a failed save) can access the contents of your library.

Chrome extension

The Broadsheet Chrome extension is a thin client for this web app. When you click the toolbar icon, press the save shortcut, or click Save this tab in the popup, the extension reads:

• The URL of the active tab.
• The rendered HTML of the active tab (document.documentElement.outerHTML), captured via chrome.scripting.executeScript. This lets Broadsheet save paywalled or client-rendered pages that the server couldn’t otherwise fetch.

The extension also reads and writes a single preference in chrome.storage.sync: baseUrl, the Broadsheet instance the extension should talk to. It defaults to the production URL and can be changed via the options page (for example, to point at a local dev server).

No other tab content, browsing history, form data, or telemetry is collected. On save, the extension sends an HTTPS POST to ${baseUrl}/api/articleswith a JSON body containing the URL and (when available) the rendered HTML. Authentication uses the browser’s existing cookie session with your Broadsheet account — the extension never stores, reads, or forwards credentials itself.

What we don’t do

• No third-party analytics or tracking pixels.
• No advertising.
• No selling, renting, or sharing of your data with third parties.
• No contact with hosts other than the configured Broadsheet instance (from the extension).

Permission rationale (extension)

• activeTab + scripting— read the URL and rendered HTML of the tab you explicitly act on. Only triggered by a user gesture (click or keyboard shortcut).
• storage — persist the baseUrl preference across browser restarts.
• notifications— show a toast when a save succeeds or fails.
• Host permission for https://broadsheet.marginalutility.dev/*— deliver the save request with the user’s existing cookie session.
• Optional host permissions for http://localhost/*, http://127.0.0.1/*, and https://*/* — requested only if you point the extension at a non-default Broadsheet instance via the options page.

Deletion

To delete your account and its data, open an issue at github.com/mcclowes/broadsheet/issues. Self-service deletion is on the roadmap.

Contact

Questions or concerns: open an issue at github.com/mcclowes/broadsheet/issues.