Cocision Privacy Policy

Effective date: May 30, 2026

What Cocision Does

Cocision is a Chrome extension that helps you pause before opening websites you chose to block. When you try to open a blocked target, Cocision redirects you to a local AI checkpoint. You can explain why you want access, receive a Decision Card, and accept an access plan before Cocision opens the site.

Data Stored Locally

Cocision stores most product data locally in browser extension storage and IndexedDB, including blocked target records, temporary access state, cooldowns, local behavior events, target attempts, negotiation threads, messages, transcripts, assistant messages, Decision Cards, settings, encrypted bring-your-own-key provider API keys, local feedback outbox and receipt records, and local review artifacts.

Cocision Settings currently provides Export JSON and Delete All controls for local extension data on that device.

Provider API Keys

Cocision supports user-provided API keys for AI providers. Provider keys are stored locally and encrypted by the extension storage layer. Provider keys are not sent to Cocision servers and are used only to authenticate requests to the provider you selected.

Voice Input And Speech To Text

Cocision voice input is user-triggered. The extension records microphone audio only while you use the voice control on the Cocision checkpoint page. Cocision does not request tab audio capture, page audio, desktop audio, video, screen capture, or background recording.

In the current MVP, raw microphone audio may be sent to OpenAI's speech-to-text endpoint using your own OpenAI API key. Raw microphone audio is not sent to Cocision servers. The page may keep the current recording in memory only long enough to support transcription or a user-triggered retry after a retryable error; it is cleared after a successful transcription, an empty transcript, a non-retryable error, a new recording, a new session, refresh, or page close.

AI Chat Provider Requests

When you use the AI checkpoint, Cocision sends the model-visible checkpoint context and negotiation messages to the selected AI Chat provider. The request may include blocked target context, current negotiation messages, transcript text that became a user message, local strictness and access policy context, visible memory snapshots, prompt metadata, and schema version metadata.

The AI Chat request does not include raw microphone audio, provider API keys, provider request headers, full browsing history, unrelated sessions, unrelated targets, or raw local behavior logs.

Decision Card Feedback

Decision Card feedback is optional. Cocision sends feedback to Cocision only after you explicitly submit feedback for a specific Decision Card. Feedback may include the selected conversation up to that Decision Card, the selected raw model output, Cocision's parsed Decision Card, parser metadata, model-visible context, visible memory snapshots, redacted current attempt context, and your feedback rating or note.

Feedback does not include unrelated sessions, unrelated targets, raw behavior events, full browsing history, provider API keys, provider authorization headers, raw microphone audio, audio hashes, or audio payloads.

Technical Diagnostics

Cocision can send a metadata-only diagnostic report when you choose the diagnostic action after a feedback error. Diagnostics include safe fields such as diagnostic id, install id, app version, terminal error code, coarse payload metadata, and safe environment metadata. Diagnostics do not include checkpoint conversation text, transcript text, model output, feedback note text, raw microphone audio, full URLs, browsing history, or provider API keys.

Data Sale And Advertising

Cocision does not sell user data. Cocision does not transfer user data for advertising, retargeting, or ad measurement.

Third Parties

Cocision may send data to OpenAI when you use OpenAI as an AI Chat provider or speech-to-text provider, to DeepSeek when you use DeepSeek as the AI Chat provider, and to Cocision's backend only for explicit Decision Card feedback outbox submissions or explicit diagnostic reports. Provider requests are subject to the selected provider's terms and data controls for your account.

Data Deletion

You can delete local Cocision extension data from the extension settings on that device. If you submitted feedback or diagnostics to Cocision and want deletion help, contact support@cocision.app.

Changes

Cocision may update this policy when the product, data flows, providers, or store requirements change. The effective date above identifies the current version.