GlassBox — Privacy Policy

Last updated: April 2026

GlassBox is a browser extension that helps you understand the tone, credibility, and context of social media posts. This policy explains exactly what data is collected, how it is used, and what is never collected.

What GlassBox sends to its server

When you visit a post on Twitter/X, GlassBox may send the following to the GlassBox analysis API (glassbox-production-3db2.up.railway.app):

• The text content of the post
• The public URL of any images in the post (for AI-generated image detection)
• The platform name (e.g., "twitter")
• The public username of the post author

This data is used solely to generate analysis results (tone score, manipulation tactic detection, news verification, AI image detection) and is not stored, logged, or retained by the server after the response is returned.

What is stored locally on your device

GlassBox stores the following data in your browser's local storage (chrome.storage.local), which never leaves your device:

• Your extension settings (API URL, enabled/disabled state)
• A local history of posts you have viewed while using GlassBox, used to compute your personal dashboard statistics (posts analyzed, manipulation tactics detected, etc.)

This data is stored for up to 90 days and then automatically deleted. It is never synced to any server.

What GlassBox never collects

• Your name, email address, or any account information
• Your browsing history outside of the supported social media platforms
• Any data from websites you visit that are not Twitter/X, Reddit, YouTube, or TikTok
• Passwords, payment information, or any form credentials
• Precise location data

Third-party services

GlassBox sends post content to its own analysis API hosted on Railway. No data is shared with any advertising network, analytics provider, or third party.

Permissions explained

• Access to Twitter/X, Reddit, YouTube, TikTok: Required to read post content and inject analysis results inline into the page. GlassBox does not read any other websites.
• Storage: Saves your settings and local post history on your device only.
• Alarms: Runs a background task once per week to compute dashboard statistics. No network request is made.

Children's privacy

GlassBox is not directed at children under 13 and does not knowingly collect any information from children.

Changes to this policy

If this policy changes, the updated version will be posted at this URL with a new "Last updated" date.

Contact

Questions? Reach out at nyxsystemsllc@gmail.com