Crossroad

Privacy policy

Crossroad — web app and Chrome extension · Last updated: 16 July 2026

Crossroad is a tool for capturing product insights (text you select, screenshots you snip) into a workspace you own or were invited to, and asking questions across them. This policy describes what data the tool handles and where it goes. The guiding principle: nothing is collected beyond what you deliberately capture, and it goes only to Crossroad and the providers listed below.

Data you actively capture

The extension reads a page only when you trigger a capture on it. It does not track browsing, does not read pages in the background, and captures nothing without a deliberate action (clipboard-based captures always show a confirmation dialog first).

Data the app stores as you use it

Account data

Sign-in uses Google. We store your Google account's basic profile: name, email address, and profile picture. We never see or store a password. Sessions and refresh tokens are stored hashed.

Where your data lives

For the hosted service at joincrossroad.com, Crossroad operates the backend on European infrastructure (a server in Germany), reached through Cloudflare. Data is isolated per workspace — only members of a workspace can see its data. Deleted material goes to a 30-day trash, after which it is permanently removed and its stored files (screenshots) are erased from disk. Backups are encrypted before they leave the server and stored off-site, rotating on a rolling cycle. The software can also be self-hosted, in which case your own operator — not Crossroad — hosts and controls the data.

Subprocessors

The hosted service relies on these providers to operate. Captured content is sent only to the AI providers, and only to deliver the features you use:

These providers process content to provide the service; they are not sent your browsing activity, and captured data is not used to train the AI models under the API terms in effect.

What we don't do

Chrome permissions, briefly

Your controls

Data processing

When you use Crossroad for business, captured content may contain other people's personal data. In that case you are the data controller and Crossroad is your processor — see the Data Processing Addendum for the sub-processor list, security measures, and how we handle data-subject requests.

Cookies and analytics

The website and web app use a few strictly-necessary cookies (to keep you signed in and to remember your cookie choice). We also use optional product analytics to understand how Crossroad is used — it only runs if you consent, you can reject or withdraw it at any time, and it never runs in the browser extension. Every cookie and provider is listed in our Cookie policy.

Contact

Questions, or any privacy request you can't complete in the app: [email protected]. We respond to access, correction, and erasure requests within 30 days.

Terms of Service · Privacy policy · Cookie policy · Data Processing Addendum · Cookie settings