隐私政策
最后更新:2025 年 3 月 8 日
核心原则:MarkStackAI 是自托管软件。你的数据存储在你自己的服务器上,我们(开发者)无法也不会访问你的任何数据。
1. 概述
MarkStackAI 是一款开源自托管的书签与知识管理系统,包含 Web 应用和 Chrome 浏览器扩展。本隐私政策说明我们如何处理你的数据。
由于 MarkStackAI 是自托管软件,它运行在你(或你的组织)自己的服务器上。我们(开发团队)仅提供软件,不托管、不存储、不访问你的任何数据。
2. 数据收集与存储
2.1 Web 应用
MarkStackAI Web 应用在你的服务器上运行,存储以下数据:
- 账户信息:用户名、显示名称、bcrypt 哈希后的密码
- 书签数据:网页标题、URL、描述、标签、文件夹结构
- 笔记内容:笔记标题、Markdown/HTML 内容、笔记本分类
- 上传文件:图标、笔记中的图片
- 使用记录:书签点击次数、最后访问时间
所有数据均存储在你服务器上的 SQLite 数据库文件中,不会传输到任何第三方服务。
2.2 Chrome 扩展
MarkStackAI Sync Chrome 扩展在你的浏览器中存储以下数据:
- JWT 认证令牌:用于与你的服务器通信,存储在
chrome.storage.local - 服务器地址:你配置的 MarkStackAI 服务器 URL
- 同步状态:待推送事件、上次同步时间、设备 UUID
- 用户设置:同步间隔、自动同步开关、默认笔记本
- 离线暂存:网络不可用时临时存储的笔记(最多 20 条)
这些数据仅存储在你的浏览器本地存储中,并仅与你配置的自托管服务器通信。不会发送到开发者或任何第三方。
3. Chrome 扩展权限说明
扩展请求的每个权限都有明确用途:
| 权限 | 用途 |
|---|---|
bookmarks |
读取和写入 Chrome 书签,实现浏览器与服务器之间的双向同步 |
storage |
存储登录凭据、同步状态、用户设置、离线暂存数据 |
alarms |
定时触发自动同步和服务器连接检测,确保数据及时更新 |
tabs |
获取当前活动标签页的标题和 URL,用于“一键收藏”功能 |
optional_host_permissions |
在登录时动态请求服务器域名的访问权限,仅用于与你自己的服务器通信 |
4. 数据传输
MarkStackAI 的数据传输仅发生在以下两个端点之间:
- 你的浏览器(Web 应用 / Chrome 扩展)
- 你自己部署的 MarkStackAI 服务器
不存在第三方数据传输。我们不运行任何云服务、不收集使用数据、不追踪用户行为。
唯一的外部网络请求发生在以下场景(由你的服务器发起,与扩展无关):
- 服务器抓取书签网页的标题和图标(用户主动触发)
- 服务器检查书签链接健康状态(用户主动触发)
- 金融行情小组件从 Yahoo Finance / CoinGecko 获取报价数据(可选功能)
5. 我们不会做的事
- 不会收集或发送你的浏览历史、搜索记录或个人信息到任何地方
- 不会向你的浏览器注入广告或追踪代码
- 不会加载任何远程 JavaScript 代码
- 不会出售、分享或租借你的任何数据
- 不会使用 Google Analytics、Facebook Pixel 或任何第三方分析工具
- 不会在扩展中读取或修改你访问的网页内容(无 content scripts)
6. 数据安全
我们在软件设计中采取了多项安全措施:
- 密码使用 bcrypt 算法哈希存储,永远不保存明文密码
- 认证使用 JWT (HS256) 令牌,30 天自动过期
- 登录接口限流(5 次/分钟),防止暴力破解
- 统一的认证错误消息,防止用户枚举
- SSRF 防护、XSS 防护、SQL 注入防护、安全响应头
- 文件上传魔术字节校验、SVG 消毒
- Chrome 扩展使用严格的 CSP 策略:
script-src 'self'; object-src 'none'
但请注意:作为自托管软件,服务器的网络安全、访问控制和备份策略由你负责。我们强烈建议使用 HTTPS、修改默认密码、定期备份。
7. 数据删除
由于数据完全存储在你的服务器上,你拥有完全的数据控制权:
- 通过 Web 界面删除任何书签、笔记、账户
- 通过管理后台清空回收站
- 直接删除 SQLite 数据库文件即可彻底清除所有数据
- 卸载 Chrome 扩展将自动清除所有本地存储数据
8. 第三方服务
本软件不依赖任何第三方云服务。以下是可选功能中涉及的外部 API(仅在你主动启用时才会触发):
- Yahoo Finance API:用于金融行情小组件(股票、贵金属报价)
- CoinGecko API:用于加密货币报价
- Google Favicons:获取网站图标(当目标网站未提供图标时)
这些请求由你的服务器发起,不包含任何用户身份信息。
9. 儿童隐私
MarkStackAI 不专门面向 13 岁以下的儿童,也不会故意收集儿童的个人信息。
10. 政策变更
我们可能会不时更新本隐私政策。更新将发布在本页面,并在项目 GitHub 仓库中记录。重大变更会通过 GitHub Release 通知。
11. 联系方式
如果你对本隐私政策有任何疑问,请通过以下方式联系我们:
- GitHub Issues:markstackai.com
Privacy Policy
Last updated: March 8, 2025
Core principle: MarkStackAI is self-hosted software. Your data is stored on your own server. We (the developers) cannot and do not access any of your data.
1. Overview
MarkStackAI is an open-source, self-hosted bookmark and knowledge management system consisting of a web application and a Chrome browser extension. This privacy policy explains how your data is handled.
Since MarkStackAI is self-hosted software, it runs on your (or your organization's) own server. We (the development team) only provide the software—we do not host, store, or access any of your data.
2. Data Collection & Storage
2.1 Web Application
The MarkStackAI web application runs on your server and stores:
- Account info: Username, display name, bcrypt-hashed password
- Bookmark data: Page titles, URLs, descriptions, tags, folder structure
- Note content: Titles, Markdown/HTML content, notebook categorization
- Uploaded files: Favicons, images in notes
- Usage records: Bookmark click counts, last accessed timestamps
All data is stored in a SQLite database file on your server. No data is transmitted to any third-party service.
2.2 Chrome Extension
The MarkStackAI Sync Chrome extension stores the following in your browser:
- JWT authentication token: For communicating with your server, stored in
chrome.storage.local - Server URL: The MarkStackAI server address you configured
- Sync state: Pending events, last sync time, device UUID
- User preferences: Sync interval, auto-sync toggle, default notebook
- Offline queue: Temporarily stored notes when offline (max 20)
This data is stored only in your browser's local storage and only communicates with your configured self-hosted server. Nothing is sent to the developers or any third party.
3. Chrome Extension Permissions
| Permission | Purpose |
|---|---|
bookmarks |
Read and write Chrome bookmarks for bidirectional sync between browser and server |
storage |
Store login credentials, sync state, user preferences, and offline data |
alarms |
Schedule automatic sync and server connectivity checks |
tabs |
Get the active tab's title and URL for the "quick bookmark" feature |
optional_host_permissions |
Dynamically request access to the user's server domain at login time; used only to communicate with the user's own server |
4. Data Transmission
Data transmission in MarkStackAI occurs only between:
- Your browser (web app / Chrome extension)
- Your self-hosted MarkStackAI server
There is no third-party data transmission. We do not operate any cloud services, do not collect usage data, and do not track user behavior.
5. What We Do NOT Do
- We do not collect or send your browsing history, search records, or personal information anywhere
- We do not inject ads or tracking code into your browser
- We do not load any remote JavaScript code
- We do not sell, share, or rent any of your data
- We do not use Google Analytics, Facebook Pixel, or any third-party analytics
- We do not read or modify the content of web pages you visit (no content scripts)
6. Data Security
We implement multiple security measures in the software design:
- Passwords stored with bcrypt hashing, never in plain text
- JWT (HS256) authentication with 30-day automatic expiry
- Login rate limiting (5 attempts/minute) to prevent brute force
- Unified auth error messages to prevent user enumeration
- SSRF protection, XSS prevention, SQL injection protection, security headers
- File upload magic bytes verification, SVG sanitization
- Strict CSP for Chrome extension:
script-src 'self'; object-src 'none'
Note: As self-hosted software, server network security, access control, and backup strategy are your responsibility. We strongly recommend using HTTPS, changing default passwords, and regular backups.
7. Data Deletion
Since all data is stored on your server, you have full control:
- Delete any bookmarks, notes, or accounts through the web interface
- Empty the trash through the admin panel
- Delete the SQLite database file to completely erase all data
- Uninstalling the Chrome extension automatically clears all local storage data
8. Third-Party Services
The software does not depend on any third-party cloud services. The following external APIs are involved in optional features (only triggered when you actively enable them):
- Yahoo Finance API: For finance widget (stock, precious metal quotes)
- CoinGecko API: For cryptocurrency quotes
- Google Favicons: Fetching website icons when the target site doesn't provide one
These requests are made by your server and contain no user identity information.
9. Children's Privacy
MarkStackAI is not directed at children under 13 and does not knowingly collect personal information from children.
10. Policy Changes
We may update this privacy policy from time to time. Updates will be published on this page and recorded in the project's GitHub repository. Significant changes will be announced via GitHub Release.
11. Contact
If you have any questions about this privacy policy, please contact us via:
- GitHub Issues: markstackai.com