hejmae Clipper — Privacy Policy

• The extension does one thing: save a product you’re looking at to your hejmae account.
• The extension itself transmits data only to hejmae.com — your own account. No analytics, no third-party trackers, no advertising.
• When you click Save, the extension uploads the current tab’s URL, title, and the page’s rendered HTML (up to 1.5 MB) so hejmae can extract the product name, brand, price, and image. Raw HTML is used for that extraction and is not retained in the hejmae database afterwards.
• To turn the page into structured product data, the hejmae server sends a cleaned excerpt of the HTML (scripts/styles/navigation removed, capped at ~120 KB) to Anthropic’s Claude API as a sub-processor, and an assembled text summary of each saved product (name, brand, type, style, short description) to OpenAI’s embedding API for catalog search. Both vendors are bound by their commercial API terms not to train on this data and to delete it within 30 days. The full sub-processor list is below.
• The extension never reads cookies directly. When it calls the hejmae API, Chrome automatically attaches your hejmae sign-in cookie because the request is going to hejmae.com — the same way any browser tab would. The extension cannot see or touch cookies belonging to any other site.
• A small amount of data (your profile, project list, and last-used project) is cached on your own device in Chrome’s local storage for up to five minutes, or until you sign out.

The hejmae Clipper is a Chrome extension for interior designers who already have a hejmae account. Its single function is: when you’re browsing a product page (a sofa, a sconce, a rug), you can click the extension and save that product to your hejmae library, optionally tagged to a specific project. The extension does not run unless you click it.

1. Active tab metadata — read only when you open the popup

When you click the hejmae Clipper icon, the extension reads the URL, page title, and favicon of the tab you’re currently looking at. This happens because the extension was designed for you to click Save on that page. It does not read tabs you haven’t visited or that you closed.

2. Rendered HTML — uploaded only when you click “Save”

When you press the Save to Clippings button, the extension reads the rendered HTML of the active tab (document.documentElement.outerHTML), caps it at 1.5 MB, and posts it to https://hejmae.com/api/clippings/clip together with the URL and title. The server uses this HTML to extract the product’s name, brand, price, and image. It is the only way to capture products from modern shopping sites that load their content with JavaScript.

What this HTML may contain. The rendered HTML is whatever the page contains at the moment you click Save. On a shopping site this is almost always product information. On a logged-in page, it could include information visible to you in that tab — for example, your name in an account menu, or items in a cart. Only click Save on pages you’re comfortable sharing with your own hejmae account. The extension does not capture HTML at any other time.

How the server uses the HTML. The hejmae server parses the upload, extracts the product fields, and discards the raw HTML once extraction completes. The extracted product fields (name, brand, price, image URL) are stored as a clipping in your hejmae account.

3. Authentication — no direct cookie access

The extension does not request the Chrome cookies permission and does not read cookies itself. When the popup opens, it calls https://hejmae.com/api/me with credentials: ‘include’; Chrome attaches the existing hejmae __session cookie automatically because the request is going to the hejmae origin, which the extension is allowed to talk to via host_permissions. A 401 response is the signal that you have signed out on the web; at that point the extension clears its local cache and prompts you to sign in again. The cookie’s value is never read, copied, or forwarded by the extension.

4. Profile and project list — cached on your device

After you sign in, the extension fetches and caches:

• Your hejmae profile: user id, email, name, studio logo URL, studio id, role
• Your active project list: project ids, names, statuses
• The id of the last project you tagged a clipping with

This cache lives in chrome.storage.local on your own computer for up to five minutes (the profile and project list refresh automatically after that). The last-used project id persists until you sign out. When you sign out of hejmae on the web, the extension automatically clears its profile cache.

chrome.storage.local is not encrypted — it is plaintext inside your Chrome profile directory. On a shared machine, another user of the same Chrome profile could read it; another extension cannot.

The extension itself

The extension communicates with exactly one server: hejmae.com (and its subdomains, e.g. www.hejmae.com). Every API call the extension makes is sent to that origin.

The extension does not contact:

• Any analytics service (no Google Analytics, no PostHog, no Mixpanel, etc.)
• Any error-reporting service (no Sentry)
• Any advertising network
• Any third-party CDN or telemetry provider

This is enforced both by the extension’s code and by its manifest, which only requests permission to talk to hejmae.com domains.

What the hejmae server does with your clipping

Once the rendered HTML arrives at hejmae.com, the server forwards portions of the data to a small number of trusted sub-processors as part of normal product extraction and catalog search. The full list is in the Sub-processors section below. Notably:

• A cleaned HTML excerpt (scripts, styles, navigation stripped; capped at ~120 KB) is sent to Anthropic’s Claude API so the model can verify the extracted product name, brand, price, image, and style.
• The assembled product summary (name, brand, item type, style, and the short product description) — not the raw HTML — is sent to OpenAI’s embedding API so your catalog can be searched.

A sub-processor is a third-party service that handles user data on hejmae’s behalf. We use the following sub-processors. Each is bound by contract to use your data only to deliver their service to hejmae, not for any independent purpose.

We do not share data with any other third party. We do not sell user data.

• We do not read or modify pages you visit unless you click Save.
• We do not inject content scripts into arbitrary websites.
• We do not track your browsing history.
• We do not read clipboard contents, microphone, camera, geolocation, or any device sensor.
• We do not read cookies from any site other than hejmae.com.
• We do not sell user data.
• We do not load remote code at runtime. The extension’s JavaScript is the JavaScript reviewed by the Chrome Web Store at publish time.

Once a clipping is saved, the underlying product data lives in your hejmae account under the normal account terms (see the main hejmae privacy policy at /legal/privacy). You can delete clippings at any time from /dashboard/clippings. Deleting a clipping removes it from your account.

The raw HTML uploaded when you click Save is consumed by the server’s extraction pipeline and is not persisted to the hejmae database. Standard server logs may retain request metadata (timestamp, URL, response status) for operational debugging; logs do not include the raw HTML body of the upload.

If you have a hejmae account, you can:

• View every clipping in your account at /dashboard/clippings.
• Delete any clipping.
• Delete your entire hejmae account by contacting privacy@hejmae.com. Deletion removes the clippings stored on the server. The extension’s local cache is cleared automatically when you sign out.

If you’re in a jurisdiction that grants you formal data-subject rights (GDPR, CCPA, etc.), you can exercise them by emailing the contact address above.

The hejmae Clipper is a tool for professional interior designers and is not directed at children under 13. We do not knowingly collect information from children.

If this policy changes materially, we will update the Effective date at the top and post a notice in the Chrome Web Store listing release notes. The latest policy is always available at this URL.

Questions, deletion requests, or security disclosures: privacy@hejmae.com.