Privacy Policy

Setu Browser Automation — Privacy Policy

Effective April 25, 2026 · Last updated April 25, 2026

The short version

  • You bring your own LLM key. The extension does not proxy or store the conversations you have with Claude or GPT. Requests go from your browser straight to the provider you chose, under your own API key.
  • Page contents stay between you and your chosen LLM. The text, screenshots, and DOM snapshots Setu sends to the model travel directly to Anthropic or OpenAI. SetuCare's servers are not in that path.
  • Credentials never leave your browser. Your provider API keys and integration tokens (Slack, Jira, GitHub, …) are encrypted in chrome.storage.local with a key derived per-install. Setu cannot read them; they are only attached as headers to the requests you trigger.
  • We collect what we need to track your free-tier usage and license. When you sign in, we associate your SetuCare account with the executions you spend against the 15-execution free tier and any Pro / Lifetime plan you buy. We record nothing about what the executions did.
  • Payments are handled by Stripe. Card numbers never touch our servers; we receive only the metadata Stripe returns.
  • You can ask us to delete everything. Email privacy@setucare.com and we will erase your account, subscription, and execution counters within 30 days.

1. Who we are

Setu Browser Automation ("the extension") is a Chrome side-panel agent published by SetuCare ("we", "us", "our"). It chats with you about the current tab and runs multi-step browser automations on your behalf using a large-language-model provider you supply (Anthropic Claude or OpenAI GPT). This privacy policy explains what data the extension and our cloud services at setucare.com / platform.dafo.io collect, what we do with it, who else sees it, and what choices you have.

2. What the extension stores in your browser

The extension stores the following in chrome.storage.local, on your Mac or PC. None of this is transmitted to SetuCare unless explicitly noted in section 3.

  • Provider API keys (Anthropic and/or OpenAI). Encrypted at rest with a per-install key derived during first launch. Decrypted only inside the extension's service worker when it needs to attach an Authorization header to a provider request.
  • Selected model and provider preferences (e.g. Opus 4.7 vs Haiku 4.5, temperature, max tokens). Persisted so chat and Autopilot share the same choice.
  • Integration credentials for any Current-Stack tool you connect (Slack token, Jira API token, Webhook URL, etc.). Same encryption scheme as the provider keys.
  • MCP server configurations — URLs, optional bearer tokens for HTTP/SSE transport, command lines for stdio transport.
  • Saved Playbooks, run history, agent memory (key/value notes the agent extracted), prior chat turns, and the Advanced settings (approve-each-step, retry count, safety cap).
  • Sign-in tokens for your SetuCare account, scoped to the extension. Refreshed automatically against auth.setucare.com; you can clear them by signing out from the side-panel Settings.

3. What the extension sends to SetuCare

The extension contacts setucare.com / platform.dafo.io for the following reasons only:

Sign-in and license/plan lookup

When you click "Continue with Google" the extension performs a standard OAuth flow against auth.setucare.com. After sign-in it polls /api/v1/auth/billing/license/ to learn your current plan (Free / Pro Monthly / Pro Annual / Lifetime), how many free executions you have remaining, and your subscription's renewal date. The request carries your SetuCare bearer token; we see your account email and a per-user identifier ("user_key").

Free-tier usage counter

On the Free plan, every Autopilot run debits one execution from your 15-execution quota. The extension calls /api/v1/auth/billing/usage/increment/ at the start of each run; we return the new remaining count. The request body contains nothing about what the run did — no prompt, no plan, no result.

Checkout + subscription management

When you click Upgrade, the extension opens our pricing page in a new tab where the checkout flow is handled by Stripe (see section 5). Successful purchases trigger a webhook to /api/v1/auth/billing/webhook/stripe/ which updates your plan row.

Crash reports (opt-in)

If the extension's service worker crashes, you may be asked whether to send the crash report to us. The report contains the JS stack trace, extension version, and Chrome version. It does not contain your prompts, integration tokens, or LLM API key. Reports are never sent without your explicit click.

4. What never goes through SetuCare's servers

  • Your prompts to Claude / GPT and the model's responses. They travel from the extension's service worker straight to api.anthropic.com or api.openai.com over HTTPS, under your own provider key.
  • Page snapshots and screenshots Autopilot captures to give the model context. Same path as above.
  • Automation outputs — extracted text, downloaded files, the contents of pages you visited.
  • Integration payloads. When you click "Send to Slack" / "Create Jira issue" / "Post to Webhook", the extension calls that integration's API directly from your browser. SetuCare's servers do not see the run summary, the destination URL, or the auth header.
  • MCP tool calls. When the model invokes an MCP server's tool mid-conversation, the request leaves your browser straight for the MCP server URL you configured. SetuCare is not in the path.
  • Your provider API keys, integration tokens, MCP bearer tokens.

The only data that ever crosses to SetuCare's backend is what is itemised in section 3.

5. Payments

All purchases are processed by Stripe, Inc., a PCI-DSS Level 1 service provider. Card details are entered on a Stripe-hosted checkout page; SetuCare never receives them. After a successful purchase, Stripe forwards a signed webhook event containing your billing email, the plan you purchased, the Stripe customer / subscription identifiers, and the amount charged. We store this metadata against your subscription row so we can issue refunds, respond to chargebacks, and let you manage the subscription via the Stripe Customer Portal. Stripe's privacy policy is at stripe.com/privacy.

6. Third-party services you optionally connect

Current-stack integrations (11 destinations)

You can connect Slack, Trello, Asana, GitHub, Jira Cloud, Notion, Linear, ClickUp, Microsoft Teams, Discord, or a generic Webhook URL to receive run summaries. Connecting an integration stores its credential locally in your browser (see section 2). When the agent sends a run summary to the integration, the request goes from your browser straight to that vendor's API. SetuCare does not see the summary text or the vendor's response. Each vendor's privacy policy applies to that data.

Model Context Protocol (MCP) servers

You can add MCP servers in two transports — HTTP/SSE (URL + optional Bearer auth) and stdio (saved locally; runs via the Setu desktop runner). Saved servers expose their tools to the chosen LLM during a chat turn. Tool invocations travel directly from the extension to the MCP server URL you configured; SetuCare does not proxy them. Tool names are namespaced as mcp_<shortId>_<toolName> so the model can pick the right server. The extension caps tool rounds at 6 per user message to prevent runaway loops.

LLM providers (Anthropic, OpenAI)

Whichever provider you select in the model dropdown receives every prompt + context you send. Their data-handling is governed by Anthropic's privacy policy or OpenAI's privacy policy. Setu does not modify or strip the request body — what you submit is what the provider sees.

7. Permissions the extension requests

Chrome shows you the full permission list when you install the extension. Here is why each one is requested:

  • storage — read/write your settings, keys, integrations, history.
  • sidePanel — render the chat + automation UI in Chrome's side panel.
  • activeTab — read the currently focused tab when you ask the agent about it.
  • scripting — inject the click / type / wait / extract helpers Autopilot needs to act on a page.
  • tabs — open new tabs ("new_tab" plan step), switch between tabs ("switch_tab"), close them ("close_tab").
  • cookies — preserve a logged-in session in the page Autopilot is acting on (e.g. so it doesn't get bounced to a sign-in form mid-run).
  • identity — used by the Google sign-in OAuth flow at auth.setucare.com.
  • host_permissions: <all_urls> — required so Autopilot can act on any site you visit. The extension only sends content from a tab to the model when you trigger an action involving that tab.
  • Specific host_permissions for the LLM provider hosts (api.anthropic.com, api.openai.com), the SetuCare auth + license API, and each integration vendor's API host.

8. Data sharing

We do not sell your personal information. We share data only with the categories of recipients listed below, and only to the extent needed for them to perform their stated function:

  • Stripe — payment processing, refunds, chargeback handling.
  • Anthropic / OpenAI — only when you trigger a request, under your API key, with the prompt + context you submitted. SetuCare is not in the request path.
  • Integration vendors and MCP server operators — for any service you connect, the data you send through it is governed by that vendor's terms.
  • Amazon Web Services (us-east-1) — our application hosting, database (RDS), and object storage (S3) provider for the SetuCare backend.
  • Vercel, Inc. — hosts the marketing pages on www.setucare.com. They see standard request metadata for visits.
  • Law enforcement — only if compelled by valid legal process. We will push back on overbroad requests and notify affected users where legally permitted.

9. Data retention

  • Subscription / plan records — kept for the lifetime of your account plus seven years after closure, to satisfy tax record-keeping obligations on the underlying purchase.
  • Free-tier execution counters — kept for the lifetime of your account; deleted when the account is deleted.
  • Web access logs — 30 days, then automatically purged.
  • Crash reports — 90 days, then automatically purged.
  • Locally-stored extension data — never expires automatically. You delete it by signing out and clearing the extension's storage from chrome://extensions, or by uninstalling the extension.

10. Your rights

Regardless of where you live, you can ask us to:

  • Access the data we hold about you — your subscription row, free-tier execution counter, billing metadata.
  • Correct any of it that's wrong.
  • Delete your account and subscription. We will comply within 30 days. Records we are required to retain by law (e.g. invoice data for tax) will be retained for the minimum period required.
  • Export your data as a JSON file.
  • Opt out of marketing email. We send transactional emails (receipt, refund confirmation, plan-change notice) regardless; we do not send marketing email unless you have explicitly opted in.

To exercise any of these rights, email privacy@setucare.com from the address on file. Residents of the European Economic Area, the United Kingdom, and California (CCPA / CPRA) have additional statutory rights — those rights are honoured automatically; the email path above is sufficient to exercise them.

11. Children

Setu Browser Automation is not directed at children under 16, and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, email privacy@setucare.com and we will delete it.

12. Security

All traffic to setucare.com, platform.dafo.io, and auth.setucare.com is served over HTTPS with TLS 1.2 or higher. Provider API keys and integration tokens are encrypted in the browser with a per-install key derived from crypto.subtle; the encryption key never leaves your machine. Stripe webhook payloads are verified with HMAC signatures using a per-endpoint secret rotated on every endpoint creation. Backend secrets are stored as encrypted environment variables; only on-call engineers can read them, and access is audited.

No system is perfect. If you discover a vulnerability, please email privacy@setucare.com with the subject [security]. We will acknowledge within 72 hours.

13. International transfers

SetuCare's servers are located in the United States. By using Setu Browser Automation you consent to the transfer of your account and subscription metadata to the United States. We do not transfer the contents of your prompts, the pages Autopilot acted on, or your integration payloads — those never leave your browser and your chosen vendors' data handling is governed by their own policies linked above.

14. Changes to this policy

When we change this policy in a way that meaningfully affects what we collect or how we use it, we will:

  • Update the "Last updated" date at the top of this page.
  • For material changes that affect existing customers, send a one-time notification email at least 30 days before the change takes effect.
  • Keep the previous version available on request for at least 24 months.

15. Contact

SetuCare
Privacy: privacy@setucare.com
General support: support@setucare.com