TL;DR
SiteLogs is a Chrome extension that records how long you spend on each website on your own machine. None of your browsing data leaves your device. We don't have a server. We can't see what you visit.
What data is recorded
When you have a normal http(s) tab in focus, SiteLogs records, for each session:
- URL (full URL including path and query string)
- Page title
- Domain
- A category automatically chosen from a built-in dictionary or your own rules
- Start time and end time of the focused session
- Active milliseconds (focus time minus idle gaps)
The extension does not record:
- Page content (HTML / text / DOM)
- Form input, passwords, tokens, cookies
- Network requests made by pages
- Anything from
chrome://,chrome-extension://, orfile://URLs - Anything from incognito / private windows (Chrome blocks extensions there by default)
- Anything from domains you add to the ignore list in Settings
Where the data is stored
- Visit records and aggregated stats: in your browser's IndexedDB, on this device only.
- User preferences (rules, ignore list, tags, pinned sites, focus budgets): in
chrome.storage.sync, which Chrome syncs across your own Chrome profiles when you're signed in to Chrome. This is Google's sync service; the SiteLogs author never sees it. - Tracker runtime state (the current active-tab session): in
chrome.storage.session, which Chrome wipes when you close the browser.
Permissions and why we need them
| Permission | Why |
|---|---|
tabs | Read which tab is active and its URL/title to time it. |
tabGroups | Required for the "Organize" feature to group same-domain tabs. |
history | Used by the optional "Import from browser history" feature (a one-time prompt at first install, plus a button under Settings → Data). Reads your local Chrome history to pre-populate the dashboard so it has shape immediately. Visit counts and dates only — Chrome doesn't expose how long you spent on each page, so we don't import active time. Data stays on your device; nothing is transmitted. |
storage | Read/write the local databases above. |
idle | Detect when you've been away from the keyboard so we don't count idle time as active. |
favicon | Render site icons inline using Chrome's built-in favicon service. No external favicon CDN is contacted. |
sessions | Required to support the Sessions feature (save and restore groups of tabs). |
alarms | Schedule a 60-second heartbeat so the service worker writes your visits even if Chrome killed it. |
host_permissions: <all_urls> | Inject a tiny visibility/heartbeat script that posts only "visible"/"hidden" events and throttled "user is interacting" pings to the background. The script does not read page DOM, network, or credentials. |
What is sent over the network
Nothing about your browsing.
Today, the only outbound call SiteLogs is responsible for is:
- Google Fonts CSS — the dashboard loads Inter and Lora from
fonts.googleapis.comon the new tab. This exposes your IP address to Google Fonts the same way most websites do. We will self-host fonts in a future release to remove this dependency.
Once paid licensing launches, license activation will add one more outbound call to our payment provider — used only when you activate, validate, or deactivate a license key. Your payment details are entered on the provider's hosted checkout page and never touch SiteLogs; only your customer email is returned to the extension so we can show "Activated · you@example.com" in Settings. We will update this page with the provider's name, exact endpoints, and a link to their privacy policy when checkout opens.
No analytics, no telemetry, no crash reporting is sent.
Sync
If you're signed in to Chrome and have sync enabled, your rules, tags, pinned sites and budgets travel with your Chrome profile via chrome.storage.sync. Visits and stats do not — they stay on each device.
Data retention and deletion
We never delete your data automatically. You can:
- Open Settings → "Data" → Export JSON to back up everything.
- Open Settings → "Data" → Wipe all data to delete everything from IndexedDB and
chrome.storage.
Uninstalling the extension removes everything stored in your browser.
Children
The extension does not knowingly target users under 13.
Changes to this policy
We will update the "Last updated" date at the top of this document whenever the substance changes. This page is the canonical version.
Contact
Bug or question: see our Contact page.