Privacy is at the heart of how we've built eesel and you can read all about it in our privacy policy. In this post we're going to look at the network requests eesel makes and verify that:

Let's get started.

Let’s first verify that the title, URL and content of pages in eesel are stored locally on your browser only, and never leave your computer. For this, we need to head to the “background page”.

Most browser extensions have a “background page” which is basically the brain of the extension. You can find your local eesel brain here.

The Developer Console is a tool that comes with your browser and logs information about what’s happening on the page you’re on. We’ll use the “Network” tab in this a lot, to see the things eesel is receiving and sending.

Make sure you don’t close the background page and it's Network tab. We’ll need to constantly refer back to that to study what's happening in the Network soon.

It’s time for the magnifying glass (or maybe a Sherlock-esque monocle?). When you refresh your eesel new tab, you'll see different things pop up on the side in your background page’s “Network”.

All these things are basically what eesel is sending and receiving. For instance, you can see an event fired when eesel is opened, and it has associated information like an event name (“documentListViewed”) and “properties” like your “appVersion”.

The “t”, “p”, “i” objects are from Segment which is the tool we use to collect events and attributes. It creates “t” for track events like clicking a filter, “p” for page views like opening the settings page, “i” to associate an anonymous user id to your events. For more on that, read the Segment spec.

When you refresh the background page, you’ll see the “i” event in its "Network". When you click into the “traits”, you’ll see some basic information is sent like “appVersion”, “installID”, “createdAt” (when you installed), “documentCount” (the number of docs tracked in your eesel) with this event.

No information about your docs (like your titles, url or content) is being sent.

So from here, we’re going to interact with eesel in different ways and examine the different events. For instance, here’s the event when I search in eesel.

Notice how an anonymous user id and the event name (“documentSearchUsed”) are sent, but nothing sensitive (like the keywords searched) is sent. Here’s the event when I click into a doc from eesel.

Notice how nothing about the doc (like it’s url, title or content) is sent. Interact with eesel like this in several different ways, see the events and their associated data, and confirm that nothing on your document titles, urls or content is sent with any event. You may want to try clicking different app filters, adding an app and opening your eesel settings.

Let’s now confirm that when you open a doc, eesel doesn’t send any information about the doc. To check this out, let’s open a kind of doc that eesel tracks. For instance, I’ve opened a Google doc here.

Interact with your doc by clicking around or refreshing the page. You’ll see that there’s no network activity on your background page.

No API calls are made at all and everything remains on your computer.

So where exactly is the doc data stored? We’ll look at that next, and for that, in your background page’s Developer Console, switch from the “Network” tab to the “Application” tab.

Voila! Your document titles, url and content are here, and only here. Pretty neat eh?

Feel free to explore around other parts of this database.

Let’s also verify that for pages in eesel folders, the title and URL of the pages will additionally be stored securely in eesel servers. For that, we need to make a Folder.

Click the “+” and “New Folder”. Note that you’ll need to login for this feature if you haven’t already.

Make sure that when you make the Folder, you set a “rule” for it, so a document can get added to the Folder automatically.

For instance, I’ve just made a new doc to match the rule, and I notice the blue banner notifying me that the doc has been added automatically.

If I then jump on the “Network” tab of my background page, under “graphql”, I can see that only the title and url of the page are sent to eesel servers, and not the content. For context, “graphql” objects are related to your local eesel communicating with eesel’s servers.

We’ve been looking at the “Network” tab in the background page so far. That’s where the most meaningful events are sent from but eesel also has other pages where it can send data from. For example, there’s the eesel new tab, and to see what's happening there, you can right click, click “Inspect” on your eesel new tab, and switch to the “Network” tab. From there, you can follow the last steps again to interact with docs and study the network activity.

Another place where eesel could send data from is the scripts it injects on your docs. eesel does this to index and store your doc information (like title, url, content) locally, and also to open spotlight. To study this, open a doc, switch to its “Network” tab, and repeat the last steps. For instance, this is the “Network” tab of a Google Doc, and amidst all the requests Google Doc makes, there’s nothing related to eesel.

Overall, you’ll notice the same behaviour as with the background page when it comes to your document title, url, and content.

That's it! You've hacked into the mainframe and seen what happens with your data for yourself. If you get stuck at any point or have more follow up questions, let us know :)