Sovara icon Sovara

Privacy policy - Sovara browser extension

Effective date: 8 July 2026 · Sovara is built by Weldon Web Ltd, a company registered in England, United Kingdom ("we", for this page only).

The short version

What the extension does with your data

When you press Send on a supported AI chat site (ChatGPT, Claude, Gemini, Copilot, Perplexity), Sovara reads the draft message inside your browser and evaluates it against a policy. The result is one of: allow, warn, redact, or block. That evaluation is local. The draft text is not sent over the network for the check, and the extension only runs on the supported chat sites listed in its permissions - no other browsing is read.

What is stored, and where

On your device (browser extension storage): your settings, the active policy, and a local buffer of recent audit events (what was decided and why - rule id, site, timestamp). You can clear this at any time by removing the extension.

Free tier: that is everything. There is no account, no signup, and no server.

Connected mode (Team/Enterprise plans): if your organisation has connected the extension to its Sovara workspace (directly or via managed IT configuration), the extension additionally:

Audit events are stored in the Sovara backend, hosted on Microsoft Azure in the UK South region, encrypted at rest, and automatically deleted after the organisation's retention window (by default: 30 days on free workspaces, 90 days on Team, 365 days on Enterprise).

Who is responsible for what

For connected organisations, your organisation is the data controller of its audit trail; we process it on the organisation's behalf to provide the service. Questions about how your employer uses the audit trail (including the user identifier it assigns) go to your employer. For anything we hold, contact us at the address below.

What we never do

Enterprise-managed installations

If your IT department installed Sovara via managed policy (Intune, Group Policy, Google Admin), the backend connection and settings are controlled by your organisation and the options page will say so. The privacy properties above are unchanged: checks stay local; only audit metadata leaves the machine.

Your rights

If you are in the UK/EEA, you have rights under data-protection law (access, correction, erasure, objection) over personal data we hold. For audit data held in an organisation's workspace, direct requests to that organisation (the controller); we support them in fulfilling requests. You can complain to the ICO (UK) or your local supervisory authority.

Changes and contact

We will update this page when the product's data handling changes and adjust the effective date. Material changes to what is collected will be called out in the extension's release notes.

Contact: sales@weldonweb.co.uk · Weldon Web Ltd, United Kingdom.