Short version: Gisty does not collect, store, or transmit any of your data to us. Your API keys and all extension settings stay on your own device. The only network calls Gisty makes are directly from your browser to the AI provider you've configured (Anthropic, OpenAI, Google, or xAI), using your own API key, to summarise the page you're viewing or to fetch that provider's current model list.
What Gisty does
Gisty is a Chrome extension that reads the text content of the web page you're currently viewing, sends it to an AI model of your choosing, and displays a summary alongside an optional chat interface for follow-up questions.
What data is accessed
Page content: When you click the Gisty icon, the extension reads the visible text of the currently active tab using Chrome's scripting API. This happens only when you actively trigger it — never automatically or in the background.
API keys: Any API key you enter (Anthropic, OpenAI, Google Gemini, or xAI Grok) is stored using Chrome's local storage API, on your device only.
Chat messages: Questions you type in the chat panel are sent, along with the page content, to whichever AI provider you've selected — never to us.
Model lists: When you save an API key, Gisty queries that provider's model-list endpoint (using your key) to populate the model selection dropdown with currently available models.
What we do NOT do
We do not operate any backend server. There is no Gisty server receiving your data.
We do not collect analytics, telemetry, or usage statistics.
We do not sell, share, or transmit your data to any third party other than the AI provider you explicitly configure.
We do not have access to your API keys, page content, or chat history at any point.
Where your data goes
When you summarise a page, ask a question, or load the model list, requests are sent directly from your browser to the API endpoint of the provider you've selected:
Anthropic — api.anthropic.com
OpenAI — api.openai.com
Google — generativelanguage.googleapis.com
xAI — api.x.ai
This request uses the API key you provided, billed to your own account with that provider. Each provider's own privacy policy and terms of service govern how they handle that request. Gisty has no visibility into, or control over, what happens to your data once it reaches the provider you've chosen.
Local storage
Gisty stores the following locally in your browser, using Chrome's standard extension storage (never synced to any Gisty-operated server, since none exists):
Your API key(s) for whichever provider(s) you've configured
Your selected active provider and model
A cached copy of each provider's available model list (refreshed on request)
Your light/dark theme preference
This data stays on your device and is removed if you uninstall the extension or clear your browser's extension storage.
Permissions explained
activeTab / scripting: Required to read the text of the page you ask Gisty to summarise.
storage: Required to remember your API keys, model selections, and preferences locally so you don't re-enter them every time.
windows / tabs: Required to open the resizable summary panel and detect which tab you want summarised.
Host permissions (api.anthropic.com, api.openai.com, generativelanguage.googleapis.com, api.x.ai): Required so your browser can send requests directly to the AI provider you've configured, both for summarisation/chat and for fetching that provider's current model list.
Open source
Gisty's full source code is publicly available for inspection at github.com/your-username/gisty. You're welcome to verify everything in this policy by reading the code directly.
Changes to this policy
If this policy changes, the update will be reflected on this page with a revised "Last updated" date.
Contact
Questions about this policy can be raised via a GitHub issue on the repository linked above.