Privacy
Short version: we don’t sell your data, we don’t fingerprint you, and the only personal information we tie to you is your email — the one you give us for updates, or the one your AI client shares when you sign in to the developer API (MCP) over OAuth. For the MCP we also keep a per-request usage log with hashed identifiers and no query text. Details below.
What the Tomesphere browser extension stores
The extension stores two preferencesin Chrome’s built-in chrome.storage.sync (which roams with your Google account, never with us):
tomesphere_onboarded— a single boolean that records whether you finished or skipped the first-run welcome screen so we don’t show it twice.tomesphere_auto_open_arxiv— your preference for whether the side panel slides in automatically on arxiv pages. Defaults to off.tomesphere_theme— light or dark theme choice for the panel.tomesphere_saved_papers— an array of paper IDs you clicked “Save” on. Stored locally in your browser only. We never see it.
None of these leave your browser unless you explicitly act on them.
What the extension sends to our servers
When you open the side panel on an arxiv paper, the extension calls our public API at tomesphere.com/api/paper/by-arxiv/{id} to look up TLDR, citations, references, semantic neighbors, code, models, datasets, and videos for that paper.
That request includes the arxiv ID of the paper you’re reading and standard browser headers. We don’t set tracking cookies, we don’t fingerprint your device, and we don’t attach any identifier that links these requests back to you across sessions.
If you give us your email
During onboarding, on the home page, or in the atlas footer, you can optionally provide an email to receive product updates and a weekly digest of the 5 most-discussed papers. If you do, we store that email in our own database (Neon, hosted in the US) until you unsubscribe. Every email we send has a one-click unsubscribe link. To delete your email immediately, write to [email protected].
If you use the Tomesphere MCP (developer API)
The Tomesphere MCP server lets AI assistants (Claude, Cursor, VS Code, ChatGPT, etc.) query our paper index on your behalf. There are three ways to use it, and each stores a different, minimal amount:
- Anonymous (no sign-in) — 50 queries per day. We rate-limit by a salted one-way hash of your IP address. We never store your raw IP; the hash is the only identifier, and the daily counter resets at midnight UTC.
- Signed in over OAuth — 500 queries per day. When you connect from your AI client, the client runs a standard OAuth sign-in in your browser through WorkOS AuthKit, our authorization server. WorkOS returns a signed token, and from it we store only your WorkOS user id and the email you signed in with. No password, no API key, and no payment details ever reach our servers.
- Legacy API key — some early users hold a key. We store only a SHA-256 hash of it, never the plaintext. Plaintext is shown once at creation and is not recoverable.
Usage log. For every request, in any of the three modes, we write one row containing a hashed identifier (the salted IP hash, a hash of your WorkOS id, or the key hash — never a raw IP, email, or key), the tool name (search_papers, get_paper, etc.), the HTTP status, how long the request took in milliseconds, and a one-way hash of your query. We do not store the text of your query, the model that called us, or the contents of any paper you looked at. This log exists only to enforce daily limits and detect abuse.
Emails, WorkOS user ids, key hashes, and usage rows all live in our Neon Postgres database in the US. Because OAuth sign-in leaves you with no key or password to manage, there is nothing on your end to revoke — to delete everything tied to your developer use, email [email protected] and we’ll purge your WorkOS id, email, key hashes, and usage history within 7 days.
Analytics
The Tomesphere website uses Cloudflare Web Analytics, which is cookieless and privacy-respecting — page views and country only, no personal data, no fingerprinting. The browser extension itself has no analytics, no telemetry, and no third-party scripts.
How to delete your data
- Extension preferences— uninstall the extension from your browser, or open the panel and click “Reset preferences” (coming soon). Removing the extension wipes the
chrome.storage.syncentries we created. - Saved papers — clear via the extension or by clearing the site data for the extension in your browser settings.
- Email subscription — click the unsubscribe link in any email we send, or email [email protected].
- MCP developer access — signing in over OAuth leaves nothing on your device to revoke. Email [email protected] and we’ll purge your stored WorkOS id, email, any legacy key hashes, and usage history within 7 days.
Open source
The Tomesphere extension source code is public. If you’d rather audit what it does yourself, the /extension folder in our repository is the entire shipped product — no minification, no obfuscation.
Changes to this policy
If we change anything material, we’ll update the date at the top of this page and send a note to email subscribers.
Contact
Questions, deletion requests, or anything else: [email protected].