Privacy Policy
1. Who this applies to
This Privacy Policy describes how Reach by InferLane ("Reach," "we," "our") handles information when you use any of Reach's five distribution surfaces:
- Reach for Claude Desktop — the one-click .dxt extension installed into Anthropic's Claude Desktop app.
- Reach for ChatGPT — the hosted Model Context Protocol (MCP) server at reach.inferlane.dev, consumed by the OpenAI Apps SDK.
- Reach for Chrome — the Manifest V3 browser extension distributed via the Chrome Web Store.
- Reach for Safari — the same extension wrapped as a Safari Web Extension.
- Reach for Mac — the menu bar app distributed as a notarized .dmg and via Homebrew.
It also covers the inferlane.dev/reach landing page and the shadow registry hosted at inferlane.dev/reach/registry.
2. Operator
The operator of Reach is InferLane. [Operating entity: to be finalized and disclosed at inferlane.dev/about before public launch.]
For privacy questions, contact us at privacy@inferlane.dev.
3. What Reach handles, by surface
Each surface has a different handling posture. The table below is exhaustive — anything not listed is not collected.
| Surface | What Reach handles | What goes to InferLane servers | What is logged |
|---|---|---|---|
| Claude Desktop | The URL you ask Reach to discover. Manifests fetched from that URL. Optional bearer tokens stored in the host's keychain. | Nothing, by default. Only if you set an InferLane API key: invocation metadata (domain, capability ID, latency, cost estimate). | Nothing on InferLane's side by default. With API key: metadata only — never inputs or outputs. |
| ChatGPT (hosted MCP) | The URL you ask Reach to discover. The per-session McpServer instance lives in memory at reach.inferlane.dev for the duration of a ChatGPT conversation. | The URL passed through ChatGPT to the hosted endpoint. Manifests fetched server-side from that URL. No payloads of capability invocations are routed via InferLane. | Per-session McpServer is evicted from memory after 30 minutes of idle time. Aggregate request rates are recorded for capacity planning; they contain no URLs and no user identifiers. |
| Chrome / Safari extension | The URL of the tab you currently have focus on (detected from the browser's tab API, not by reading page content). Settings stored in chrome.storage.local. | Nothing, by default. Same opt-in: with an InferLane API key, invocation metadata only. | Nothing on InferLane's side by default. |
| Mac menu bar | The URL of the active tab in your frontmost browser (detected via Apple Events). Clipboard intent payloads when you click a capability. | Nothing, by default. Same opt-in. | Nothing on InferLane's side by default. |
| inferlane.dev/reach landing page | Standard web server logs (anonymized IP, user agent, requested path). | The host running the site (Vercel) processes the request. Logs retained per Cookie Policy. | Aggregate page-view counts. No advertising trackers. No third-party analytics by default. |
| Shadow registry | The domain name you query (for example, github.com). Negative-cache state stored client-side. | The hosted JSON file you fetch from inferlane.dev/reach/registry/v1/{domain}.json. The CDN may log the lookup. | CDN-level aggregate counts (which domains are most queried). No user identifiers. |
3.5. Reach handles, operator accounts, and voice signaling
From v1.1 onward, Reach also offers three opt-in surfaces that involve more data than the original discovery layer above. Each is described in its own subsection. None of these is enabled by default: you have to claim a handle, sign up as an operator, or place a voice call before any of this applies.
3.5.1 Personal-tier Reach handles (the /reach/claim flow)
If you claim a personal handle (for example @heath) so that other Reach users can call you in their browser without your phone number, the following data is handled by the InferLane Reach handles backend (api.reach.inferlane.dev):
| What we store | How | Why |
|---|---|---|
| Your phone number, encrypted | AES-256-GCM (authenticated encryption) with a server-only key. Stored as (ciphertext, IV, auth tag). The plaintext is held only in memory during the SMS verification step and is discarded as soon as the database write completes. | So we can recognise that the same number is trying to re-claim, and (in future) so we can SMS-notify you if you opt in to incoming-call alerts. |
| An HMAC of your phone number (phone_hash) | HMAC-SHA-256 under a server-only key. Acts as the unique database index. Not reversible without that key. A database dump alone does not let an attacker enumerate which phone numbers are claimed. | Defense in depth on the index column. |
| A plain SHA-256 of your phone number (phone_lookup_hash) | Public. Used as the entries in the Bloom-filter snapshot served at /bloom.bin, so Reach client surfaces can answer "is this tel: link a Reach handle?" offline without sending the number to us. This hash is brute-forceable (the NANP space is ~10 billion numbers; one SHA-256 each). We accept this trade-off because being a Reach handle is a public opt-in and the snapshot is intentionally distributed. | So Reach clients can pre-filter tel: links to claimed numbers without leaking every number you read to us. |
| Your chosen handle, your display name, the SIP endpoint (e.g. sip:heath@reach.inferlane.dev), claim timestamp | Plaintext. These are intentionally public: they appear on your calling-card page at inferlane.dev/@<handle> and in the synthesized voice manifest. | So callers can find and dial you. |
3.5.2 SMS verification
When you submit a phone number to claim a handle, we send a one-time 6-digit code via Short Message Service (SMS). The SMS is sent by our transactional SMS provider (currently Twilio); see §9 for the processor list. The verification attempt record stores:
- The hashed phone number (HMAC, same as above).
- A scrypt hash of the OTP code (so a database dump cannot reveal in-flight codes).
- An HMAC of the source IP for rate-limiting.
- Creation and expiry timestamps, fail count, consumed flag.
Verification attempts expire after 10 minutes and are deleted by a background job within 24 hours. Standard message rates from your carrier may apply; InferLane does not charge for the verification SMS.
3.5.3 Voicemail-style SMS notifications (B.5, opt-in only)
If you opt in to "SMS me when someone tries to reach me while my browser is offline," InferLane will send an SMS to your verified number with a link to answer the call in your browser. This is off by default and requires explicit per-account opt-in. Per-caller and per-recipient rate limits apply. You can disable it at any time from the dashboard; SMS notifications cease on the next dispatched call attempt.
3.5.4 Bloom-filter snapshot
InferLane publishes a Bloom-filter snapshot of all currently-active phone_lookup_hash values at api.reach.inferlane.dev/bloom.bin. The snapshot uses a fresh random salt embedded in the header (the "RBF2" wire format) so any client holding the snapshot can query it offline. The privacy posture is documented inline in the format header and is summarised here:
- Our server never learns which phone numbers you look at. This is the primary privacy goal and is preserved by design — clients query the cached snapshot, not us.
- Snapshot-holders can brute-force the claimed set. An attacker with a snapshot can compute SHA-256 of every NANP number and check membership; this is feasible in hours on commodity hardware. We accept this because being a Reach handle is a public opt-in.
- The salt rotates per snapshot (in production, daily), so yesterday's snapshot does not help confirm today's claims.
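The offline lookup described above, as an added example that is not InferLane's code and does not implement the RBF2 wire format. The filter size, probe count, salt length and the way the salt is mixed into each probe are assumptions, and the phone numbers are constructed.

```python
import hashlib
import hmac
import os

M_BITS = 1 << 16  # assumed filter size in bits (not from the RBF2 format)
K = 7             # assumed number of probes per entry

def lookup_hash(number: str) -> bytes:
    """phone_lookup_hash: unkeyed SHA-256, reproducible by anyone."""
    return hashlib.sha256(number.encode()).digest()

def index_hash(number: str, server_key: bytes) -> bytes:
    """phone_hash: HMAC-SHA-256, not reproducible without the server key."""
    return hmac.new(server_key, number.encode(), hashlib.sha256).digest()

def _positions(salt: bytes, entry: bytes):
    # Assumed construction: one SHA-256 per probe over salt || index || entry.
    for i in range(K):
        digest = hashlib.sha256(salt + bytes([i]) + entry).digest()
        yield int.from_bytes(digest[:8], "big") % M_BITS

class Snapshot:
    def __init__(self, salt: bytes):
        self.salt = salt
        self.bits = bytearray(M_BITS // 8)

    def add(self, entry: bytes) -> None:
        for p in _positions(self.salt, entry):
            self.bits[p >> 3] |= 1 << (p & 7)

    def __contains__(self, entry: bytes) -> bool:
        return all(self.bits[p >> 3] & (1 << (p & 7))
                   for p in _positions(self.salt, entry))

def build_snapshot(claimed, salt=None) -> Snapshot:
    """Server side: a fresh random salt per snapshot unless one is given."""
    snap = Snapshot(salt if salt is not None else os.urandom(16))
    for number in claimed:
        snap.add(lookup_hash(number))
    return snap

def is_reach_handle(snap: Snapshot, tel_link: str) -> bool:
    """Client side: answered from the cached snapshot, no network request."""
    return lookup_hash(tel_link.split(":", 1)[-1]) in snap

if __name__ == "__main__":
    claimed = ["+12025550143", "+12025550178"]  # constructed sample numbers
    today, tomorrow = build_snapshot(claimed), build_snapshot(claimed)
    print(is_reach_handle(today, "tel:+12025550143"))   # a claimed number
    print(is_reach_handle(today, "tel:+12025550199"))   # an unclaimed number
    print(today.bits != tomorrow.bits)  # a new salt changes which bits are set
```

Because the salt travels with the snapshot, the membership check is available to any holder, which is the trade-off the bullets above accept; the keyed index_hash is the value that stays private to the server.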
3.5.5 Operator accounts (the /reach/operator dashboard)
If you sign up as a business operator (a publisher that controls a domain and wants to take WebRTC calls dialled at that domain), we additionally hold:
- Your email address (used as the login identifier; required).
- A scrypt password hash (parameters N=2^15, r=8, p=1) — the plaintext password is never stored or recoverable.
- Your display name (optional).
- For each domain you add: the domain name, a DNS-TXT challenge token while pending, the verified-at timestamp once successful, status (pending/active/suspended).
- For each endpoint you create: the URL-safe slug, name, description, hours configuration, voicemail configuration, recording policy, sensitivity flag.
- For each agent you invite: a generated SIP username, a scrypt hash of the generated REGISTER password, display name, status, invite/last-register timestamps. The plaintext password is shown to you exactly once at invite time and is not recoverable thereafter.
Operator sessions use a JSON Web Token (JWT) HMAC-signed under the same server key; the JWT is stored in an HTTP-only, SameSite=Lax, Secure (in production) cookie named reach_operator. Default TTL is 7 days; the cookie is cleared on sign-out.
The DNS-TXT verification step queries the public DNS for a TXT record at _reach-verify.<your-domain>. InferLane queries DNS; nothing is stored about other records at that name.
3.5.6 Voice signaling and call metadata
When a Reach call is placed (either to sip:<handle>@reach.inferlane.dev or to a verified publisher's sip:<endpoint>@<domain>), the call traverses the InferLane Reach signaling server (voice.inferlane.dev). The signaling server proxies SIP signaling only — audio media never traverses InferLane infrastructure. Media flows browser-to-browser over WebRTC; symmetric-NAT callers may relay media through a TURN server, which is configured with no-log and does not decode or store media.
Per-call metadata logged by the signaling server is intentionally narrow:
- The dialled domain (e.g. reach.inferlane.dev or examplebank.com).
- The dialled endpoint id (e.g. heath or support).
- The routing decision: ring-agent, voicemail, or reject.
- The SIP response status code (180, 200, 486, 503, ...).
- Round-trip signaling latency in milliseconds.
- Whether the agent answered (boolean).
- Whether the call was recorded by the publisher (boolean — InferLane never records on its own).
The signaling server never logs: the caller's identity or IP, the dialled phone number (for handle-namespace calls the handle is the identifier — the underlying phone number is not in the call path), the audio stream, any transcript, the WebRTC SDP body, or any capability arguments. A continuous-integration grep guard in the project's .github/workflows/ci.yml hard-fails the build if a developer accidentally introduces a regression that would log capability arguments.
Call metadata is retained for 90 days for operational debugging, then aggregated and anonymized.
4. What Reach explicitly does NOT collect
- The contents of pages you visit. Reach reads the URL only; it does not read body content, form data, cookies, or page DOM.
- The inputs or outputs of any capability you invoke. Reach surfaces capabilities; the host (Claude, ChatGPT, your code) invokes them. Reach has no record of what was sent or returned.
- Your name, email address, phone number, or any government identifier — unless you voluntarily submit one to support.
- Your browsing history. Reach knows only the URL of the tab you currently have focused, and only when you actively use it.
- Advertising identifiers, device IMEI, MAC addresses, or persistent device fingerprints.
- Crash reports — by default. We may ask you to share a crash log if you raise a support ticket.
5. Cost-tracking opt-in (the InferLane API key)
Each surface offers an optional setting: paste an InferLane Application Programming Interface (API) key, and Reach will log invocation metadata to your InferLane account. When configured, the following fields travel to InferLane on each capability invocation:
- The domain (for example, github.com).
- The capability identifier (for example, create_issue).
- The manifest source (live publisher manifest vs. shadow registry).
- Round-trip latency in milliseconds.
- Cost estimate, if the capability declared one.
The inputs and outputs of the capability call are never sent to InferLane. You can revoke the API key at any time inside the surface's settings; logging stops immediately on the next invocation.
6. Authentication tokens
If a capability requires authentication (typically OAuth or a bearer token), the token is stored locally on your device by the host's standard secret store:
- Claude Desktop: file-system store with operating-system keychain encryption.
- ChatGPT: OpenAI's session vault — InferLane never sees the token.
- Chrome / Safari extension: chrome.storage.local, scoped to the extension.
- Mac menu bar: Apple Keychain via Tauri's secrets bridge.
Reach does not centrally collect or sync these tokens across devices.
7. Data retention
| Data class | Retention period | Trigger for deletion |
|---|---|---|
| In-memory MCP session state (hosted ChatGPT surface) | 30 minutes of idle time, or end of conversation | Automatic eviction; no manual recovery |
| Manifest cache (per-device, in memory) | 15 minutes default time to live (TTL) | Automatic eviction; HTTP ETag revalidation |
| Negative cache (registry misses) | 1 hour | Automatic; clears the next time the domain is queried |
| Extension settings (Chrome / Safari) | Until you uninstall or reset | You: via the extension's settings page |
| Cost-tracking logs (opt-in, on InferLane servers) | 7 years for financial records; aggregated and anonymized after 90 days for non-financial use | You: by deleting the InferLane API key, or via a data subject request |
| Web server access logs (landing page) | 90 days, then aggregated | Automatic |
| Support correspondence | 2 years from last activity | You: by request |
| Reach handle claim (encrypted phone + handle + display name) | Until you revoke the claim, or 24 months of total inactivity | You: by clicking "Delete handle" in the operator UI or emailing privacy@inferlane.dev. The encrypted phone row is deleted within 7 days; the bloom-filter snapshot stops including the lookup hash on the next rebuild (daily). |
| SMS verification attempts | 10 minutes (active TTL); deleted within 24 hours | Automatic background job |
| Operator account + publisher + endpoint + agent records | Until you delete the resource or close the account; closed accounts purged within 30 days | You: via the operator dashboard |
| Operator session cookies (JWT) | 7 days from issue; cleared on sign-out | You: by signing out or clearing browser cookies |
| Voice call metadata (signaling server) | 90 days, then aggregated | Automatic |
8. Data subject rights
If you live in a jurisdiction with a comprehensive privacy law (the European Union, the United Kingdom, California, Australia, Canada, Brazil, and others), you have the following rights with respect to data InferLane holds about you:
- Access: request a copy of the data InferLane holds about you.
- Rectification: ask InferLane to correct inaccurate data.
- Deletion: ask InferLane to delete data we hold about you, subject to legal retention requirements (for example, tax records).
- Portability: receive your data in a machine-readable format.
- Objection: object to processing based on legitimate interest.
- Withdraw consent: where processing is based on consent (cost-tracking opt-in, marketing email), withdraw at any time.
Email privacy@inferlane.dev to exercise any of these rights. InferLane will respond within 30 days.
9. Third-party processors
InferLane uses the following processors. Each processes only the data necessary for the specified function.
| Processor | Function | Data shared |
|---|---|---|
| Vercel (or equivalent hosting) | Landing page + static registry CDN | Web server logs (anonymized IP, user agent) |
| Render / Fly.io / equivalent | Hosting for the ChatGPT MCP endpoint | Request URLs (no payloads) |
| Resend / equivalent transactional email provider | Support correspondence + receipts | Your email address and message content if you contact support |
| Stripe (premium SLA tier only) | Payment processing | Your billing details (card or bank), to Stripe directly — InferLane never sees full card numbers |
| Twilio (handles backend, when SMS adapter is enabled) | One-time-code SMS for handle verification; opt-in offline-call notifications (B.5) | The destination phone number and a short message containing the one-time code or the call-answer link. Twilio retains delivery records per its own retention policy. |
| Fly.io (reach-signaling + reach-handles) | Hosting | Encrypted-at-rest database; request URLs at the proxy edge (no payload bodies). Signaling traffic is SIP-over-WSS only — no media bytes. |
10. International transfers
InferLane operates from Australia. If you use Reach from outside Australia, your data may be transferred to and processed in Australia or in the regions where our processors operate (typically the United States and the European Union). Transfers are governed by Standard Contractual Clauses or equivalent legal mechanisms where applicable.
11. Children
Reach is not directed at children under 13 (or 16, where local law sets a higher age of digital consent). If you believe a child has provided personal information to InferLane, please contact privacy@inferlane.dev and we will delete it.
12. Security
InferLane follows industry-standard practices: Transport Layer Security (TLS) for all network traffic, hardened operating system images, principle-of-least-privilege access controls, encryption at rest for stored data, and a documented incident response process. No system is perfectly secure; in the event of a breach affecting your data, InferLane will notify you within the time required by applicable law (72 hours under the European General Data Protection Regulation; equivalent windows elsewhere).
13. Changes to this Policy
If we make a material change, we will notify users via a banner on inferlane.dev and (if you have an InferLane account) by email at least 30 days before the change takes effect. The current version is always available at inferlane.dev/reach/legal/privacy-policy.html with a visible effective-date stamp.
14. Contact
Privacy questions, data subject requests, and complaints: privacy@inferlane.dev.
If you are dissatisfied with InferLane's response, you have the right to lodge a complaint with your local data protection authority (for example, the Office of the Australian Information Commissioner, the European Data Protection Board, or the United Kingdom Information Commissioner's Office).