Privacy Policy
Last updated April 22, 2026. This policy explains how the hosted Currents service collects, uses, and shares information.

1. Scope
   This policy applies to the hosted Currents web app, browser extension, APIs, appview, and related search and inference infrastructure that we operate. It does not cover self-hosted forks or third-party services such as your PDS, Bluesky, Eurosky, or sites you visit through links saved in Currents.
2. Information we collect
   We collect or process the following categories of information:

Account and profile data such as your DID, handle, display name, avatar, description, pronouns, website, and related public AT Protocol profile fields.
Public content you create or interact with through Currents, including collections, saves, image blob references, captions, notes, source URLs, and optional attribution metadata.
Derived metadata used to operate discovery features, including image embeddings, dominant-color palettes, image dimensions, save clustering signals, and collection embeddings.
Authentication data needed to keep you signed in, including a signed currents-session cookie in the browser and server-side OAuth session records.
Search and interaction data you submit to the service, such as text queries for semantic search and standard request metadata needed to deliver, secure, and debug the service.
Local browser state. The web app currently stores your last-used collection URI in local storage to make saving faster.
If you use the browser extension, it may access the current page URL, page title, selected image URL or bytes, and Currents session cookie so it can create a save only when you invoke the extension.
3. How we use information
We use information to:

Authenticate you and maintain your session.
Fetch, index, display, and synchronize public AT Protocol content.
Provide search, related saves, discovery feeds, and personalization features.
Generate technical derivatives like embeddings and image metadata.
Detect abuse, secure the service, debug failures, and maintain reliability.
Comply with legal obligations and enforce our Terms.
4. What is public
Currents is designed around public AT Protocol records. If you publish content through Currents, that content and related metadata may be visible in Currents, on your PDS, and through other clients or protocol consumers.

Your search queries, session data, and the local browser state described above are not intended to be public user content.

1. How we share information
   We may share information in the following ways:

With the AT Protocol ecosystem and your chosen identity or hosting providers when necessary to authenticate you, fetch records, upload data, or serve public content.
With infrastructure and service providers that help us host the database, appview, image proxy, and inference systems on our behalf.
With other users and the public when the information is part of public AT Protocol content.
If required by law, to protect users or the service, or as part of a reorganization, asset transfer, or similar transaction.
We do not currently run third-party advertising trackers on the web app, sell personal information, or use Currents data to serve ads.

1. Retention
   Public records and their derived search metadata may remain in our indexes for as long as needed to operate the hosted service, plus reasonable backup and recovery windows. Deleting content from your PDS or through Currents may take time to propagate through indexes and caches.

Hosted OAuth sessions are kept only as long as needed to keep you signed in. At the time of writing, Currents expires sessions after roughly 90 days and may clear them earlier after extended inactivity.

Browser local storage remains on your device until you clear it or the app overwrites it.

1. Your choices
   Review or change your public profile and records through your AT Protocol account.
   Log out to clear the active Currents session cookie from the hosted web app.
   Clear local browser storage in your browser settings.
   Avoid posting private, sensitive, or confidential material to Currents.
   Only use the browser extension when you want to clip a page or image; it is not meant to monitor browsing in the background.
2. Children's privacy
   Currents is not intended for children under 13 or the higher minimum age required by local law. If you believe a child has provided personal information in violation of this policy, contact us using the method below.
3. Changes to this policy
   We may update this policy from time to time. When we do, we will post the revised version here and update the date at the top of the page. Your continued use of the hosted service after the update takes effect means the revised policy applies.
4. Contact
   For privacy questions or requests related to the hosted Currents service, open an issue at github.com/matteomarjanovic/currents/issues .