Legal
Privacy Policy
Summary
Thesara only sends data when you hover a word: the subtitle text and show name, sent to an AI to generate an explanation. Nothing is stored on our servers. No accounts, no analytics, no ads. Your data is not our product.
01 Data collected during use
Thesara is passive by default. No data leaves your device until you hover a word. The following is transmitted exclusively at that moment:
| Data | Destination | Purpose |
|---|---|---|
| Hovered word or phrase | Free Dictionary API + Groq | Fetch definition, synonyms, and contextual explanation |
| Current subtitle line | Groq via Cloudflare Worker | Scene context for the AI explanation |
| Up to 6 preceding subtitle lines | Groq via Cloudflare Worker | Improve contextual accuracy of the AI response |
| Show title + episode title | Groq via Cloudflare Worker | Help AI understand the show's world and tone |
This data is processed transiently and not stored on any Thesara-operated server.
02 Data we do not collect
- Account credentials: Thesara never reads your login details for any platform.
- Viewing history: No access to what you watch, when, or for how long.
- Payment information: Never accessed, never transmitted.
- IP address or device identifiers: Not collected by Thesara.
- Personal identifiers: No name, email, age, or demographic data.
- Usage analytics: No tracking of hover patterns, usage frequency, or behaviour.
- Crash reports or telemetry: The extension contains zero telemetry code. Verify in the source.
03 Third-party services
Thesara uses three external services, each governed by their own privacy policy.
- Groq, Inc. Subtitle text and show context are sent to Groq's inference API to generate explanations using the Llama 3 language model. groq.com/privacy-policy →
- Free Dictionary API Individual words are sent for definitions and synonyms. No personal data is involved. dictionaryapi.dev →
- Cloudflare, Inc. Groq requests are routed through a Cloudflare Worker to protect the developer's API key. Cloudflare may log request metadata per their own policy. cloudflare.com/privacypolicy →
04 Your optional API key
When the shared daily quota is exhausted, you may optionally add your own Groq API key. If you do, the following guarantees apply:
- Stored locally only: saved in
chrome.storage.localon your device, nowhere else. - Never sent to Thesara: the developer has no access to your key at any time.
- Only transmitted to Groq: used solely to authenticate requests to
api.groq.com. - Not cloud-synced:
chrome.storage.localis not synced to Google or any other device. - Extension-sandboxed: no website or other extension can read it.
- Revocable anytime: clear it from the Settings page or uninstall the extension.
You are shown a full disclosure screen (including Groq's pricing page) before you are asked to enter a key. No key is accepted without your explicit, informed action.
05 Chrome permissions
Thesara requests the minimum permissions necessary. Each is used only as described.
| Permission | Why it's needed |
|---|---|
storage |
To optionally save your Groq API key locally on your device. |
netflix.com |
To read subtitle text from the video player. Only runs on /watch/ URLs. |
api.groq.com |
To send requests directly to Groq when a personal API key is configured. |
dictionaryapi.dev |
To fetch word definitions and synonyms. |
thesara-proxy.thesara.workers.dev |
To route requests through the Cloudflare Worker when using the shared quota. |
06 Data retention
Thesara operates no databases and retains no user data. The Cloudflare Worker
processes requests in memory without logging content. The only data persisted
locally is your optional API key in chrome.storage.local, which
remains until you clear it or uninstall the extension.
07 Children's privacy
Thesara is not directed at children under 13 and does not knowingly collect personal data from minors. If you have a concern, please contact us via GitHub.
08 Changes to this policy
Material changes will be reflected here with an updated date. Because Thesara is fully open source, every revision to this policy is permanently visible in the repository's commit history.
09 Contact
Questions or concerns about this policy? GitHub Issues is the most transparent channel: public, tracked, and nothing gets lost.
GitHub Issues
Open and tracked. The right place for privacy questions.