OXMA Privacy Policy
Effective: July 5, 2026 · Contact: [email protected]
Core principle: the OXMA browser extension is local-first. Your conversations, files, keys and settings stay on your own computer — the developer does not collect, receive or store them.
The one exception is the website's membership & purchase — when you register to buy Pro, we collect the account info (such as email) needed to send your license. The two are explained separately below.
ExtensionCollects nothing
No first-party server, no account, no analytics, no ad SDK. The developer never sees your conversations, browsing, files or keys.
Website · MembershipOnly purchase essentials
On signup we collect name / email / password (encrypted) to create the account, send licenses and necessary notices. No ads, no selling.
1. Extension: what we collect
Nothing. The OXMA extension has no first-party server receiving user data, no built-in account system, no analytics, no ad SDK. The developer cannot see your conversations, browsing, files or keys.
2. Extension: where data lives
- Conversations, worker settings, skills, workflows, memory: stored in your browser's local storage (localStorage / IndexedDB), on your device only.
- Connector keys (API tokens), license code: stored locally. The license is verified locally and never sent to our servers.
- Produced files: saved to your chosen local folder.
- Removing the extension clears this local data.
3. Extension: when data leaves your computer
Only when you configure and instruct it, to complete your task:
- To the model endpoint you set: by default your local LM Studio / Ollama (localhost — nothing leaves). If you enter a cloud model key, task text and screenshots go to the endpoint you specified.
- Advanced reasoning (Pro): sends the current context to the model endpoint you configured to get a suggestion, which the local machine then assembles. Uses your own model settings; you control the data flow.
- API connectors (Pro): only when you enable and instruct, necessary data goes to the external service endpoints you set (e.g. ComfyUI, Postiz, Cloudflare), not through us. Every outbound action asks first.
- Mobile alerts (Pro): if you bind Telegram, messages pass via Telegram's official API between your device and your Telegram account; we do not store message content.
4. Website membership: what we collect
Only when you register / purchase Pro on the site do we collect:
- Name or company, email: to create the account, send licenses, process purchases and necessary notices.
- Password: stored as an encrypted hash; we cannot recover your plaintext password.
- Purchase & license records: order ID, license code, timestamp, for support and license management.
Payment is handled by a third-party processor; we do not store your card number.
5. What we don't do
- No selling, renting or trading your personal data.
- No advertising with your data, no cross-site tracking profiles.
- No ads in the extension; no paid influence on OXMA's behavior.
6. Your rights
You may request to view, correct or delete your membership data anytime via the contact email below. After account deletion, purchased licenses still work offline in the extension (verification needs no server).
7. Retention
Membership data is kept until you request deletion or the account is closed. Transaction records required by law (e.g. invoices) are kept per regulation. Local extension data is yours to control — remove the extension to clear it.
8. Children's privacy
Built for business and professional users; not directed at children under 13, and we do not knowingly collect their data.
9. Updates
Updates change the effective date and are posted on the site. Material changes are emailed to members.
10. Contact
Privacy questions: [email protected]
← Home · Sign up