This Privacy Policy describes how Mediar, Inc. ("Mediar," "we," "us," or "our") collects, uses, and protects information when you use our products and services, including the Mediar desktop application, Terminator Bridge browser extension, and related automation tools. By using our Services, you agree to the practices described in this Policy.
1. About Us
Mediar, Inc. is incorporated in the United States at 945 Market St, Ste 501, Floor 5, San Francisco, CA 94103, and acts as the controller with respect to personal data, determining the purpose and manner in which it is processed.
For privacy inquiries, please contact us at matt@mediar.ai or louis@mediar.ai.
2. Scope of This Policy
This Privacy Policy applies to:
- Mediar Desktop Application - Our AI-powered workflow automation software
- Terminator Bridge Browser Extension - Our Chrome/Edge extension for browser automation
- Mediar Cloud Services - Our web-based dashboard and API services
- Mediar Website - www.mediar.ai and related domains
3. Terminator Bridge Browser Extension
The Terminator Bridge extension enables browser automation by connecting to a locally-running Mediar application. Here is what you need to know about how the extension handles data:
3.1 How the Extension Works
- The extension connects exclusively to a local WebSocket server at
ws://127.0.0.1:17373 (localhost only) - It executes automation commands (such as clicking, typing, or reading page content) sent from the locally-installed Mediar desktop application
- All communication occurs entirely on your local machine
3.2 Data the Extension Accesses
- Page Content: The extension can read and interact with web page content (DOM elements, text, forms) to perform automation tasks you configure
- Tab Information: Basic tab metadata (tab ID, URL) to identify which tab to automate
- Extension Logs: Local diagnostic logs stored in browser storage for troubleshooting
3.3 Data the Extension Does NOT Collect
- The extension does NOT transmit any data to external servers
- The extension does NOT collect personal information, browsing history, or usage analytics
- The extension does NOT use third-party tracking, cookies, or analytics services
- The extension does NOT store or transmit passwords, financial information, or sensitive personal data
3.4 Extension Permissions Explained
| Permission | Purpose |
|---|
debugger | Execute JavaScript in browser tabs for automation (via Chrome DevTools Protocol) |
tabs | Identify the active tab for automation commands |
scripting | Inject scripts to maintain connection with local Mediar application |
activeTab | Access the currently active tab when performing automation |
webNavigation | Detect page navigation to maintain automation session |
storage | Store extension health logs locally for diagnostics |
alarms | Keep the extension service worker active |
<all_urls> | Allow automation on any website you choose to automate |
4. Mediar Desktop Application and Cloud Services
4.1 Information We Collect
When you use Mediar's desktop application or cloud services, we may collect:
- Account Information: Email address, name, and organization details when you create an account
- Workflow Data: Automation workflows you create and configure (stored according to your deployment preferences)
- Usage Metrics: Anonymized, aggregated data about feature usage to improve our products
- Technical Logs: Error logs and diagnostic information for troubleshooting
4.2 How We Use Your Information
- To provide and maintain our Services
- To authenticate your access and manage your account
- To provide customer support and respond to inquiries
- To improve and optimize our products
- To send service-related communications (with your consent for marketing)
4.3 Data Storage and Security
- Data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption
- Cloud data is hosted on secure infrastructure with SOC 2 compliance
- For on-premise deployments, data remains entirely within your infrastructure
5. Customer Data Responsibility
When you use Mediar to automate tasks involving your business data:
- You retain full ownership of your Customer Data
- You are responsible for ensuring you have proper authorization to automate systems containing personal or sensitive data
- You must comply with applicable data protection laws (GDPR, CCPA, HIPAA, etc.) for data you process using Mediar
- For cloud-hosted deployments, Mediar acts as a data processor under GDPR; you remain the data controller
Please review our Acceptable Use Policy for detailed guidelines on responsible use of our automation technology.
6. Third-Party Services
Our Services may integrate with third-party platforms (e.g., SAP, Oracle, Salesforce) that you choose to automate. When using these integrations:
- Your interactions with third-party systems are governed by their respective privacy policies
- Mediar does not share your data with third parties except as necessary to provide the Services
- We use Google AI services for certain features; usage is subject to Google AI Terms
7. Data Retention
We retain your data only as long as necessary to provide our Services and fulfill the purposes described in this Policy:
- Account data is retained while your account is active
- Workflow execution logs are retained for 90 days by default
- Upon account deletion, your data is removed within 30 days (except as required by law)
- Aggregated, anonymized data may be retained indefinitely for analytics purposes
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Portability: Request your data in a machine-readable format
- Objection: Object to certain processing activities
- Restriction: Request limited processing of your data
- Withdraw Consent: Withdraw consent for marketing communications
To exercise these rights, contact us at matt@mediar.ai or louis@mediar.ai.
9. Children's Privacy
Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
10. International Data Transfers
If you are located outside the United States, your data may be transferred to and processed in the United States or other countries. We ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) for EU/EEA data transfers
- Compliance with applicable data protection frameworks
11. Security
We implement industry-standard security measures to protect your data, including encryption, access controls, and regular security assessments. However, no method of transmission over the Internet is 100% secure. We encourage you to use strong passwords and protect your account credentials.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email. Your continued use of our Services after changes take effect constitutes acceptance of the updated Policy.
13. Contact Us
For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: