Privacy Policy

Last updated: March 8, 2026

FirmRecord ("we", "us", "our") operates the FirmRecord Chrome extension and the firmrecord.com website. This policy describes what data we collect, why, and how we handle it.

What We Collect

• Account information. Email address and a hashed password when you create an account.
• Page URLs. The URL of the page you choose to prove. We never capture pages automatically.
• Screenshots. A screenshot of the visible tab at the moment you click "Prove This Page." This is optional and only taken with your explicit action.
• Cryptographic proofs. The TLSNotary proof data generated during the proving process, including the HTTP response body and headers from the target server.
• Case numbers. If you enter a case or matter number, we store it to help you organize your proofs.
• Payment information. Credit purchases are processed by Stripe. We never see or store your card number.

What We Do Not Collect

• Browsing history. We do not track, log, or transmit any pages you visit. The extension only activates when you click it.
• Cookies. While the extension reads cookies to include in the TLS session (required for TLSNotary to work), cookie values are redacted from the proof using selective disclosure. Cookie data is never sent to our servers.
• Background activity. The extension performs no background scanning, tracking, or data collection.

How We Use Your Data

• To generate and store cryptographic proofs of web content that you request.
• To display your proofs and proof history in the extension and on firmrecord.com.
• To process credit purchases and manage your account.

Third-Party Services

• Bittensor SN103 (Djinn). Proofs are generated using independent notary nodes on a decentralized network. The target URL and HTTP response pass through these nodes as part of the MPC-TLS protocol. Node operators do not receive your cookies or authentication tokens.
• Stripe. Payment processing. Subject to Stripe's privacy policy.

Data Storage and Security

Proof data, screenshots, and account information are stored on servers located in Germany (Hetzner). Data is transmitted over TLS. Passwords are hashed with bcrypt.

Data Retention

Your proofs and account data are retained for as long as your account exists. You may request deletion of your account and all associated data by emailing admin@firmrecord.com.

Your Rights

You can request access to, correction of, or deletion of your personal data at any time by contacting us at admin@firmrecord.com.

Permissions Explained

The Chrome extension requests the following permissions:

• activeTab. To capture a screenshot and read the URL of the page you want to prove.
• cookies. To include authentication cookies in the TLS session for accurate page capture. Cookie values are redacted from proofs.
• storage. To save your login token and case number history locally in your browser.
• offscreen. To run the TLSNotary WASM prover, which requires a background document with WebAssembly support.
• host_permissions (all URLs). Required because TLSNotary needs to establish a TLS connection to any website you choose to prove. No data is sent from any site without your explicit action.

Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated date.

Contact

Questions or concerns? Email us at admin@firmrecord.com.