Privacy Policy
Effective date: March 28, 2026 · Version 2.0
The Short Version
- ✓ All processing happens locally on your machine. Nothing is sent to external servers.
- ✓ Lighty does not collect any personal data, browsing history, or page content.
- ✓ The bridge server runs only on localhost (127.0.0.1). It is not accessible from the internet.
- ✗ No analytics. No telemetry. No crash reports. No usage tracking of any kind.
- ✗ No account required. No login. No email address collected.
- ✗ No cloud. No third-party services. No advertising networks.
1. What Lighty Does
Lighty is a Chrome extension that runs a local HTTP bridge server on your machine (default port 3456). This bridge allows local software — such as scripts, automation tools, or AI coding assistants — to control your Chrome browser via HTTP API calls.
The extension acts as a relay between the local bridge server and Chrome's extension APIs. It does not communicate with any server outside your computer.
2. Data We Do Not Collect
Lighty collects no data whatsoever. Specifically:
Browsing data: Lighty does not read, record, or transmit your browsing history, bookmarks, cookies, passwords, or any page content you visit.
Personal information: Lighty does not collect your name, email address, IP address, location, or any other personally identifiable information.
Usage data: Lighty does not record which features you use, how often you use the extension, what commands you send to the bridge, or any behavioral metrics.
Automation data: When you use the bridge API to automate browser actions, the content of those actions (URLs navigated, text typed, elements clicked) is never logged or transmitted anywhere. It is processed ephemerally in memory and discarded.
3. Local Storage
Lighty uses Chrome's storage.local API solely to persist your configuration preferences (such as the bridge server port number). This data is stored on your local device only, is never synced to Google's servers, and can be cleared at any time by removing the extension.
4. Network Access
The bridge server binds exclusively to 127.0.0.1 (localhost). It is not accessible from the local network, the internet, or any other machine. No outbound connections are made by Lighty to any external host.
5. Chrome Permissions Explained
| Permission | Why it's needed |
|---|---|
| activeTab | Required to interact with the currently active tab when the bridge receives API commands. |
| scripting | Required to inject content scripts for JavaScript evaluation and DOM interaction. |
| tabs | Required to open, close, navigate, and query tabs via the API. |
| tabGroups | Used to organize automation tabs into a named group for easy identification. |
| storage | Stores your port configuration locally. Never synced externally. |
| debugger | Required for trusted mouse events (click, drag) and JavaScript evaluation that bypasses Content Security Policy. This enables Lighty to interact with sites that restrict programmatic clicks. |
6. Third-Party Services
Lighty does not integrate with or transmit data to any third-party service, analytics platform, advertising network, or cloud provider. There are no third-party SDKs, libraries, or trackers embedded in the extension.
7. Children's Privacy
Lighty is a developer tool not directed at children. We do not knowingly collect information from anyone under the age of 13. Since we collect no data from any user, no special measures are needed.
8. Changes to This Policy
If we ever update this privacy policy, we will update the effective date at the top of this page and increment the version number. Given that Lighty collects no data, we do not anticipate material changes to this policy.
9. Contact
If you have questions about this privacy policy or how Lighty works, you can reach LightCube at:
privacy@lightcube.dev
We typically respond within 48 hours.