Last updated: 5/15/2026
Dockbox is a product and service operated by ARK MARKETING LLC, a United States limited liability company ("we," "our," or "us"). We build a Chrome extension and related services that combine AI chat, note-taking, YouTube summaries, and more. Where we refer to "Dockbox" in this policy, we mean our product, website, and offerings unless the context requires otherwise. We are committed to respecting your privacy and keeping secure the information we obtain from or about you. This Privacy Policy describes our practices with respect to personal data that we collect from or about you, and how we use it when you use our website (including dockbox.net), Chrome extension, accounts, billing, and online features (collectively, the "Services").
Language notice: This document is provided in English. Translations may be provided for convenience. In the event of any inconsistency, the English version will govern, except to the extent prohibited by applicable mandatory local law.
We collect account information (such as your email and sign-in details), billing information for paid plans through Stripe, and limited operational usage metrics needed to run plan limits and prevent abuse. Your notes, chat history, and YouTube summaries are stored locally on your device (IndexedDB), and we do not keep server-side copies of that local content. We use your data to provide the product, process payments, secure the service, and comply with legal obligations. You can request access, correction, deletion, or portability of applicable account data through our contact page, and you can remove local extension data by clearing browser data or uninstalling the extension.
Storage at a glance: Your notes, chat history, and YouTube summaries are stored only on your device (IndexedDB)—we do not keep copies on our servers. AI features, authentication, and billing inherently use the network as described below.
The Dockbox Chrome extension may handle personal or sensitive user data only as described in this Privacy Policy. Our practices comply with the Chrome Web Store Developer Program Policies and the Limited Use requirements. In particular:
Alignment with the Chrome Web Store listing: Personal and sensitive data we handle is collected and used for the same user-facing features we describe on the Chrome Web Store and inside Dockbox—not for unrelated or undisclosed purposes.
No public disclosure of authentication or payment secrets: We do not publish or publicly disclose authentication secrets, full payment card numbers, or similar credentials in public areas of our Services, store listings, or other open channels. Payment and sign-in use secure flows operated by us or our processors (for example, Stripe, Google sign-in, Supabase sessions), consistent with Chrome Web Store requirements.
Browsing context vs. browsing history: We do not collect your general web browsing history for advertising or unrelated analytics. Features that need information about the current page or video (for example, YouTube summarization when you start a summary from the video you are watching) use that context only to power user-initiated actions described in the extension's interface—not for behavioral ad targeting or background tracking.
Chrome extension permissions we request and why:
sidePanel: to open and manage Dockbox in Chrome's side panel (the extension's primary interface).identity: to support Google OAuth sign-in through Chrome's identity flow.tabs: to read the active tab's URL/title/favicon only when needed for user-triggered features (for example, YouTube summarization), and to open user-requested external pages (such as pricing or account pages). We do not use this permission to track browsing history.If anything in this section conflicts with a newer Chrome Web Store requirement, we will update this policy to match.
We collect personal data relating to you ("Personal Data") as follows.
We collect information that your browser or extension environment sends or that we generate in operating the Services, such as browser type and version, extension version and update information, and error logs and performance data as needed to run and secure the Services.
When you visit dockbox.net, we use:
The Chrome extension does not load these website analytics tools. Operational usage metrics for metered features are described under Account usage above.
We use cookies and similar technologies as needed for the Services, including:
We do not use third-party marketing or advertising analytics products (for example, Google Analytics) inside the Chrome extension to track your browsing for ads. You can control cookies through your browser settings; disabling certain cookies may affect functionality.
We use Personal Data for the following purposes:
We do not use your personal conversations to train AI models on our systems without your explicit consent.
We do not sell, trade, or rent your personal information. We may disclose Personal Data in the following circumstances:
We retain Personal Data for as long as necessary to provide the Services and for legitimate business and legal purposes:
Depending on the Service, you may have controls such as:
Depending on where you live, you may have statutory rights in relation to your Personal Data, such as the right to access, rectify, delete, restrict processing, data portability, and object to certain processing, and the right to withdraw consent where processing is based on consent.
To exercise rights that apply to you, contact us through our contact page. We will respond within a reasonable time and within any deadline required by law (including the timeframe for California residents described in Section 9).
If you are located in the EEA or UK, you have rights under the GDPR and, where applicable, the UK GDPR, including those listed above. Legal bases for processing may include contract (providing the Services), legitimate interests (for example, security and product improvement, balanced against your rights), and consent where required.
You may lodge a complaint with your local data protection authority.
Data that stays only on your device is not transferred internationally by Dockbox in the sense of cloud processing by us. When you use online features—sign-in, billing, or AI requests—information may be processed in the United States or other countries where our service providers operate. Where required, we use appropriate safeguards (such as standard contractual clauses) for international transfers.
Our Services are not directed to children under 13, and we do not knowingly collect Personal Data from children under 13. If you are a parent or guardian and believe a child under 13 has provided Personal Data to Dockbox, please contact us through our contact page. We will investigate and, where appropriate, delete that information.
You must be at least 13 to use the Services. If you are under 18, you represent that you have your parent's or guardian's permission to use the Services.
We implement technical, administrative, and organizational measures designed to protect Personal Data. Data is protected in transit (for example, TLS / HTTPS) when it communicates with our APIs, consistent with Chrome Web Store expectations for sensitive data. Where Personal Data is stored with cloud providers (for example, authentication records via Supabase or payment records via Stripe), we rely on those providers' industry-standard encryption and access controls. Local data in the extension relies on your browser and OS protections. No method of transmission or storage is completely secure.
Storage overview: Your chat, notes, summaries, and settings are stored on your device using IndexedDB—we do not upload that content to our servers. We use Supabase for authentication and Stripe for payments.
If we become aware of a breach that may affect your Personal Data, we will investigate, take appropriate steps, and notify affected users and authorities as required by applicable law (for example, within 72 hours of becoming aware, where the GDPR so requires). Content that exists only on your device is not exposed by a breach of our servers.
If you are a California resident, you have rights under the CCPA and CPRA, including:
Sensitive personal information (CPRA): We do not collect or use the categories of sensitive personal information defined by the CPRA (for example, government identifiers, precise geolocation, or health information) for the purpose of inferring characteristics about you. If our practices change, we will update this Privacy Policy.
Other U.S. state privacy laws may grant similar rights depending on where you live. You may exercise rights by contacting us through our contact page. For California, we will generally respond within 45 days (or as required by applicable law).
Some browsers offer a Do Not Track (DNT) signal. There is no consistent industry standard for how to respond to DNT. We do not currently respond to DNT signals. We collect data as described in this Privacy Policy to operate the Services.
Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. Their terms and privacy policies apply when you leave our Services.
We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the Last updated date. If changes are material, we will take additional steps as required by applicable law. Continued use of the Services after the effective date of changes constitutes your acceptance of the updated policy where permitted by law.
ARK MARKETING LLC is the data controller for the Personal Data described in this Privacy Policy when you use our Services. We operate the Dockbox Services from the United States.
If applicable law requires our registered business address or other company details, we will provide that information in response to a request submitted through our contact page, or we may publish it on our website when available.
If you have questions about this Privacy Policy or our data practices, please use our contact page.