Privacy Policy

Our Core Promise

Mirage exists to protect your privacy when using AI tools. Your sensitive data — names, emails, phone numbers, financial figures — never leaves your device unmasked. This is not just a feature; it is the foundational security invariant of our entire product.

What We Process

All detection and redaction of personally identifiable information (PII) happens locally on your machine. Mirage uses pattern matching and local NLP models to identify sensitive entities in your text. No data is sent to any external server for analysis.

What We Don't Collect

• We do not collect, store, or transmit your original text or prompts
• We do not have access to your redaction vault or token mappings
• We do not track your conversations with AI providers
• We do not sell or share any user data with third parties

Chrome Extension

The browser extension operates entirely within Chrome's sandbox. Redaction tokens are stored in session-scoped memory only and are discarded when you close the tab. No data is persisted to chrome.storage or any remote backend.

Desktop Application

The Mirage Vault desktop app stores your redaction vault locally in an encrypted SQLite database on your machine. This data is never synced to the cloud unless you explicitly choose to do so in a future release.

Waitlist & Analytics

If you sign up for our waitlist, we collect your email address and basic metadata (browser type, screen size, timezone, referral source) to understand how people discover Mirage. This data is stored in a private Google Sheet and is never shared with third parties.

Third-Party Services

Mirage does not integrate with any analytics platforms, ad networks, or tracking pixels. We use no cookies for tracking purposes.

Changes to This Policy

We will update this page if our practices change. Significant changes will be communicated through our website and email list.

Contact

Questions about this policy? Reach us at privacy@getmirage.co.