Privacy Settings Guide
TLD2 is built on a privacy-first architecture that keeps your reading habits completely private. This guide explains how TLD2 protects your data, what information is stored locally, and how to verify zero data transmission.
TLD2's Privacy Guarantee
In Local AI mode (default): Zero data transmission. No analytics. No tracking. No telemetry. Your articles, summaries, and browsing habits never leave your device.
In Cloud AI mode (optional): Only extracted article text sent to Google Gemini API for summarization. You provide the API key, you control the data flow.
Understanding Local-First Architecture
What "Local-First" Means
TLD2 processes everything on your device—in your browser—using cutting-edge client-side AI technologies:
- Content Extraction: Readability.js runs locally to isolate article content
- AI Summarization: Chrome's built-in AI (or algorithmic fallback) generates summaries without internet
- Text-to-Speech: StreamingKokoroJS neural voices synthesize audio locally using your GPU/CPU
- Model Storage: All AI models download once and cache permanently in your browser
This means no cloud dependency, no API calls, no data transmission in default mode.
Data Flow Diagram: Local AI Mode
Local AI vs. Cloud AI Comparison
| Feature | Local AI Mode (Default) | Cloud AI Mode (Optional) |
|---|---|---|
| Data Transmission | Zero - Everything local | Article text sent to Google |
| Internet Required | No (works offline) | Yes (API calls) |
| Privacy Level | Absolute (no tracking possible) | Subject to Google's privacy policy |
| Cost | Free forever | Free tier, then pay-per-use |
| Speed | Fast (GPU) or moderate (CPU) | Fast (depends on internet) |
| Quality | Good (Chrome AI) | Excellent (Gemini 2.5 Flash) |
| Usage Limits | Unlimited | API rate limits apply |
| Best For | Privacy-conscious users, offline use, unlimited reading | Complex technical articles, when highest quality needed |
What Data TLD2 Stores Locally
TLD2 uses Chrome's chrome.storage.local and chrome.storage.sync APIs to store only your settings:
Stored Settings
- Voice Preference: Your selected Kokoro voice (e.g., af_sky)
- Playback Settings: Speed (e.g., 1.2x), pitch, pitch correction toggle
- Auto-play Preference: Boolean (enabled/disabled)
- Summary Length: Short, medium, or long
- API Key (if provided): Your Gemini API key for cloud mode
- Theme Preference: Dark/light mode selection
- Info Printout Toggle: Status text visibility
NOT Stored
- ❌ Article content or URLs
- ❌ Generated summaries
- ❌ Browsing history
- ❌ Usage analytics or telemetry
- ❌ Personal information
- ❌ Audio recordings
Chrome Sync Behavior
If you have Chrome Sync enabled in your browser, TLD2 settings sync across your devices (voice preference, speed, etc.). This happens via Google's encrypted sync system—TLD2 doesn't control this. To disable syncing, turn off Chrome Sync in your browser settings.
How to Verify Privacy
Method 1: Network Tab Inspection
- Open Chrome DevTools (F12 or Cmd+Option+I)
- Go to the Network tab
- Clear all existing requests (trash icon)
- Navigate to an article and click the TLD2 extension icon
- Watch the Network tab as the summary generates
Expected Result in Local AI Mode: Zero outbound network requests to external domains (except the original article page load). No requests to:
- ❌ *.anthropic.com
- ❌ *.openai.com
- ❌ *.google.com
- ❌ analytics.google.com
- ❌ Any third-party tracking domains
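The Network tab check can be repeated on a saved capture. This added example (not part of TLD2's code) reads a HAR export from DevTools and reports every request whose host is not the article's own, noting which of the patterns listed above it matches. The sample HAR, its hosts and its paths are constructed; it includes generativelanguage.googleapis.com, the Gemini API host, to show that matching only the listed patterns would miss it.

```javascript
// Added example (not TLD2 code). Hosts the guide says must not be contacted in Local AI mode.
const WATCHED = ['*.anthropic.com', '*.openai.com', '*.google.com', 'analytics.google.com'];

// Constructed HAR fragment in the shape DevTools exports (log.entries[].request).
const SAMPLE_HAR = { log: { entries: [
  { request: { method: 'GET', url: 'https://news.example.org/story.html' } },
  { request: { method: 'GET', url: 'chrome-extension://abcdefghijklmnop/sidepanel.js' } },
  { request: { method: 'POST', url: 'https://generativelanguage.googleapis.com/constructed-path' } },
  { request: { method: 'POST', url: 'https://analytics.google.com/constructed-path' } },
] } };

// True when host equals the pattern or, for "*.x", is x itself or a subdomain of x.
function hostMatches(host, pattern) {
  if (!pattern.startsWith('*.')) return host === pattern;
  const base = pattern.slice(2);
  return host === base || host.endsWith('.' + base);
}

// One finding per network request whose host is not the article's own host.
function externalRequests(har, articleUrl) {
  const articleHost = new URL(articleUrl).hostname;
  const findings = [];
  for (const { request } of har.log.entries) {
    let url;
    try {
      url = new URL(request.url);
    } catch {
      // Keep unparsable URLs visible instead of dropping them silently.
      findings.push({ host: null, method: request.method, watched: null, raw: request.url });
      continue;
    }
    if (!/^(https?|wss?):$/.test(url.protocol)) continue; // data:, blob:, chrome-extension:
    if (url.hostname === articleHost) continue;
    const watched = WATCHED.find((p) => hostMatches(url.hostname, p)) || null;
    findings.push({ host: url.hostname, method: request.method, watched });
  }
  return findings;
}

console.log(externalRequests(SAMPLE_HAR, 'https://news.example.org/story.html'));
```

Requests made by an extension's service worker or side panel are recorded in that context's own DevTools window rather than the page's, so export a HAR from there as well.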
Method 2: Extension Permissions Audit
- Go to chrome://extensions
- Find TLD2 and click Details
- Review Permissions
TLD2's Minimal Permissions:
- activeTab - Read current tab content for extraction
- scripting - Inject Readability.js content script
- storage - Save your settings locally
- sidePanel - Display sidebar UI
- contextMenus - Right-click "Summarize Article" option
Notably absent:
- ❌ webRequest - Can't intercept network traffic
- ❌ history - Can't access browsing history
- ❌ tabs - Can't read URLs of other tabs
- ❌ <all_urls> - No broad access
Method 3: Code Inspection
TLD2's source code is available for review. You can inspect the extension's files directly:
- Go to chrome://extensions
- Enable Developer mode
- Click Details on TLD2
- Note the extension's installation path
- Browse the files to verify no analytics or tracking code
Enabling Cloud AI Mode (Optional)
If you want enhanced summarization quality for complex content, you can optionally enable Cloud AI mode using Google's Gemini API.
What Happens in Cloud Mode
- Data Sent: Extracted article text (only the main content, not ads/navigation)
- Destination: Google's Gemini API servers
- Purpose: AI summarization using Gemini 2.5 Flash model
- Return: Summary text (sent back to your browser)
- Privacy Policy: Subject to Google's terms
Important: Cloud Mode Privacy Trade-offs
When using Gemini API, you're trusting Google with your article content. For sensitive material (medical, legal, financial, personal), always use Local AI mode.
How to Enable Cloud Mode
- Obtain a Gemini API key from Google AI Studio
- Open TLD2 settings
- Find "Developer Options" section
- Enter your API key in the "Gemini API Key" field
- Click Save
TLD2 will now use Gemini for summarization while continuing to use local TTS for audio.
Chrome Extension Manifest V3 Security
TLD2 uses Manifest V3, Chrome's latest and most secure extension architecture:
Security Benefits
- Content Security Policy (CSP): Blocks remote code execution. All code bundled statically.
- No Eval: No eval() or dynamic code execution.
- Service Workers: Background script runs in isolated context.
- Permissions API: Granular, user-controlled permissions.
- Host Permissions: Only accesses pages you explicitly activate TLD2 on.
CSP Compliance
TLD2's Content Security Policy:
This allows:
- ✅ 'self' - Only bundled local scripts
- ✅ 'wasm-unsafe-eval' - WebAssembly for ONNX Runtime (required for TTS)
This blocks:
- ❌ Remote scripts from CDNs
- ❌ Inline scripts (prevents XSS attacks)
- ❌ eval() and dynamic code execution
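The permission list under Method 2 and the CSP sources listed above can both be checked against the extension's manifest.json found during code inspection. This added example (not TLD2's own code) audits a parsed Manifest V3 object. Both sample manifests are constructed, and the CSP string in the first is an assumption assembled from the two sources this guide names.

```javascript
// Added example (not TLD2 code): compare a manifest with what this guide lists.
const EXPECTED = ['activeTab', 'scripting', 'storage', 'sidePanel', 'contextMenus'];
const ALLOWED_SCRIPT_SRC = ["'self'", "'wasm-unsafe-eval'"];

// Constructed manifests: one shaped like the guide's description, one deviating.
const GUIDE_LIKE = {
  manifest_version: 3,
  permissions: [...EXPECTED],
  content_security_policy: { extension_pages: "script-src 'self' 'wasm-unsafe-eval'; object-src 'self'" },
};
const DEVIATING = {
  manifest_version: 3,
  permissions: ['storage', 'tabs', 'webRequest'],
  host_permissions: ['<all_urls>'],
  content_security_policy: { extension_pages: "script-src 'self' https://cdn.example.com; object-src 'self'" },
};

// Source list of one CSP directive, or null when the directive is absent.
function directive(csp, name) {
  for (const part of csp.split(';')) {
    const tokens = part.trim().split(/\s+/);
    if (tokens[0].toLowerCase() === name) return tokens.slice(1);
  }
  return null;
}

function auditManifest(m) {
  const findings = [];
  if (m.manifest_version !== 3) findings.push('not Manifest V3');
  for (const p of [...(m.permissions || []), ...(m.optional_permissions || [])]) {
    if (!EXPECTED.includes(p)) findings.push(`unexpected permission: ${p}`);
  }
  // The guide lists no host access, so any host pattern is worth reporting.
  for (const h of [...(m.host_permissions || []), ...(m.optional_host_permissions || [])]) {
    findings.push(`host permission: ${h}`);
  }
  for (const cs of m.content_scripts || []) {
    for (const match of cs.matches || []) findings.push(`static content script on: ${match}`);
  }
  // An absent policy means Chrome's MV3 default, which already restricts scripts to 'self'.
  const csp = (m.content_security_policy || {}).extension_pages;
  const sources = csp ? directive(csp, 'script-src') || directive(csp, 'default-src') || [] : [];
  for (const s of sources) {
    if (!ALLOWED_SCRIPT_SRC.includes(s)) findings.push(`script-src allows: ${s}`);
  }
  return findings;
}

console.log(auditManifest(GUIDE_LIKE), auditManifest(DEVIATING));
```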
Frequently Asked Questions
Does TLD2 send my article data to external servers?
In Local AI mode (default), absolutely not. All processing happens entirely on your device. No article content, summaries, or usage data leaves your computer. In Cloud AI mode (optional Gemini API), only the extracted article text is sent to Google's servers for summarization. TTS always remains local.
How can I verify TLD2 isn't tracking me?
Open Chrome DevTools (F12), go to the Network tab, and summarize an article in Local AI mode. You'll see zero outbound requests to external domains. TLD2's code is open for inspection and contains no analytics, telemetry, or tracking mechanisms. You can also review the extension's source code directly from chrome://extensions.
What data does TLD2 store locally?
Only your settings: voice preference, playback speed, pitch settings, summary length, API key (if provided), theme, and toggles like auto-play. TLD2 does NOT store article content, summaries, URLs, or browsing history. Settings are stored in Chrome's local storage and sync only if you have Chrome sync enabled.
Can TLD2 see my browsing history?
No. TLD2 does not request the history permission. It can only see the current tab when you explicitly activate it (via icon click or right-click menu). It has no access to other tabs, browsing history, or URLs you haven't explicitly processed.
Is my Gemini API key secure?
Your API key is stored in Chrome's encrypted local storage (chrome.storage.local). It's never transmitted anywhere except directly to Google's Gemini API when you use Cloud AI mode. Other extensions cannot access it. However, treat API keys like passwords—never share them, and regenerate if compromised.
Does TLD2 work with ad blockers or privacy extensions?
Yes, perfectly. Since TLD2 makes zero tracking or analytics requests, ad blockers won't interfere. Privacy extensions like uBlock Origin, Privacy Badger, or Ghostery work seamlessly alongside TLD2. In fact, they complement each other well.