Privacy by Design: Unlike Big Tech companies that harvest your data in the shadows, Action Model operates with complete transparency. You know what we collect, why we collect it, and you’re rewarded for every contribution. This is how data sharing should work.
Our Privacy Commitment
You Own Your Data, We’re Just Borrowing It
Full Transparency
Every piece of data collected is documented. No hidden tracking, no surprise collection, no dark patterns.
User Control
Pause, delete, or export your data anytime. Add sites to block lists. You have complete control.
Fair Compensation
Unlike others who profit from your data, we reward you with tokens that represent actual ownership.
Security Architecture
Enterprise-Grade Protection
Multi-Layer Security: Your data is protected by industry-standard encryption and security practices at every stage, from collection through storage to processing.
Multi-Layer Security Model
- Collection Layer
- Transport Layer
- Storage Layer
- Processing Layer
Secure Data Capture
Browser Extension Security:- Runs in an isolated sandbox environment
- No access to other extensions or tabs
- Encrypted data transmission
- Local anonymization before sending
- SSL/TLS encryption for all transfers
- Certificate pinning to prevent MITM attacks
- Data compression and obfuscation
What We Collect vs What We Don’t
Complete Transparency
✅ What We Collect
✅ What We Collect
Interaction Data:
- Click coordinates and targets
- Page navigation sequences
- Form field interactions (not content)
- Scroll patterns
- Time spent on tasks
- Page URLs (excluding parameters)
- DOM structure
- Screenshot regions (anonymized)
- Browser viewport size
- General geographic region (country)
- Page load times
- Action success/failure
- Network request metadata
- Error states
❌ What We Never Collect
❌ What We Never Collect
Personal Information:
- Passwords or login credentials
- Credit card or payment details
- Social Security numbers
- Personal health information
- Private messages or emails
- Form input values (only structure)
- File contents
- Clipboard data
- Camera or microphone access
- Location beyond country level
- Installed software list
- File system contents
- Other browser data
- Cookies or session data
- Hardware identifiers
Automatic Privacy Protection
Smart Exclusions
Zero-Touch Security: Sensitive sites are automatically excluded without any action required from you. Banking, healthcare, and government sites are never recorded.
Protected Categories
| Category | Examples | Protection Level |
|---|---|---|
| Financial | Banks, payment processors, crypto exchanges | Complete exclusion |
| Healthcare | Patient portals, insurance, medical sites | Complete exclusion |
| Government | Tax sites, DMV, benefits portals | Complete exclusion |
| Authentication | Password managers, 2FA apps | Complete exclusion |
| Adult Content | Automatically detected and excluded | Complete exclusion |
| Private Browsing | Incognito/Private mode | Never recorded |
User Control Features
You’re in Charge
1
Pause Anytime
One click to pause all recording. Set schedules for automatic pausing during work hours or specific times.
2
Custom Block Lists
Add any website to your personal block list. These sites will never be recorded, no questions asked.
3
Selective Sharing
Choose which types of data to share. Want to exclude screenshots? Forms? Network requests? You decide.
4
Data Deletion
Request complete deletion of your data at any time. We’ll remove it from all systems within 72 hours.
5
Export Your Data
Download all your contributed data in standard formats. It’s yours, take it whenever you want.
6
Earnings Transparency
See exactly what data earned you tokens and why. Complete transparency in the reward system.
Data Anonymization
Privacy-Preserving Techniques
K-Anonymity: Your data is aggregated with many other users’ data before processing, making individual identification impossible.
Anonymization Pipeline
Stage 1: Collection
- Remove personal identifiers
- Strip URL parameters
- Blur sensitive regions
- Hash user sessions
Stage 2: Processing
- Aggregate similar actions
- Add statistical noise
- Generalize specifics
- Remove outliers
Stage 3: Storage
- Separate data from identity
- Distribute across servers
- Encrypt all records
- Regular data rotation
Stage 4: Training
- Batch processing only
- No individual tracking
- Differential privacy
- Secure aggregation
Compliance & Regulations
Meeting Global Standards
- GDPR Compliance
- CCPA Compliance
- Global Standards
European Standards
Your Rights Under GDPR:- Right to access your data
- Right to rectification
- Right to erasure (“right to be forgotten”)
- Right to data portability
- Right to object to processing
- Right to restriction of processing
- Privacy by design and default
- Data minimization
- Purpose limitation
- Lawful basis for processing
- Data protection officer appointed
Data Governance
Community-Owned, Community-Governed
DAO Oversight: Major privacy decisions are voted on by token holders. This isn’t corporate privacy theater, it’s community-controlled data governance.
Governance Structure
Privacy Committee
Privacy Committee
Elected community members who oversee privacy practices, review policies, and ensure compliance with our commitments.
Transparency Reports
Transparency Reports
Quarterly reports detailing data collected, requests received, actions taken, and any privacy incidents.
Community Audits
Community Audits
Token holders can propose and vote on independent privacy audits to verify our practices.
Open Development
Open Development
Our privacy tools and anonymization algorithms are open-source for community review and improvement.
Security Measures
Protecting Your Contribution
Infrastructure Security
Data Centers:
- Enterprise-grade cloud infrastructure
- Geographic redundancy
- 24/7 monitoring
- Physical security controls
- Disaster recovery protocols
Application Security
Software Protection:
- Regular security updates
- Vulnerability scanning
- Code signing
- Secure development lifecycle
- Bug bounty program
Access Control
Authentication:
- Multi-factor authentication
- Biometric options
- Session management
- IP allowlisting
- Anomaly detection
Incident Response
Incident Response:
- 24/7 security monitoring
- Automated threat detection
- Documented incident response procedures
- User notification protocols
- Recovery and remediation plans
Privacy Tools
Take Control
1
Privacy Dashboard
Access your personal privacy dashboard to view all collected data, manage settings, and control sharing preferences.
2
Data Inspector
See exactly what data was collected from each session, with the ability to delete specific recordings.
3
Block List Manager
Easily add, remove, and manage websites on your personal block list with wildcard support.
4
Consent Center
Granular control over what types of data you share, with easy toggle switches for each category.
Trust & Transparency
Our Open Commitment
Radical Transparency: We publish everything, from privacy policy changes to security incidents to data request statistics. No corporate PR spin, just facts.
Transparency Initiatives
| Initiative | Description | Frequency |
|---|---|---|
| Public Audits | Third-party security audits published in full | Annual |
| Transparency Reports | Data requests, collection stats, incidents | Quarterly |
| Privacy Changelog | Every privacy policy or practice change | Real-time |
| Community Q&A | Direct answers to privacy questions | Monthly |
| Open Source Tools | Privacy and security tools available on GitHub | Ongoing |
Frequently Asked Questions
How is this different from Google or Meta collecting my data?
How is this different from Google or Meta collecting my data?
Three fundamental differences: (1) Transparency - You see exactly what’s collected and why. No hidden tracking or dark patterns. (2) Compensation - You earn tokens that represent real ownership, not just “personalized ads.” (3) Control - Pause anytime, delete anything, block any site. With Big Tech, you’re the product. With Action Model, you’re an owner.
What exactly happens when I browse with the extension running?
What exactly happens when I browse with the extension running?
The extension records your interactions (clicks, navigation, scrolling) on sites that aren’t automatically excluded. Before sending anything, it removes personal identifiers and anonymizes the data locally on your device. You can review what was captured in your dashboard and delete any session before it’s used for training. Banking, healthcare, government sites, and private browsing are never recorded.
If I accidentally visit something I don't want recorded, what do I do?
If I accidentally visit something I don't want recorded, what do I do?
Three options: (1) Add the site to your block list immediately - the extension will stop recording and won’t send that session. (2) Delete the specific session from your dashboard before it’s submitted. (3) Use the pause button before visiting sensitive sites. We also have smart detection that automatically excludes financial, healthcare, and other sensitive sites.
How does automatic site exclusion actually work?
How does automatic site exclusion actually work?
The extension maintains an encrypted list of patterns for sensitive sites (banking domains, healthcare portals, government sites, password managers, etc.). Before recording anything, it checks the URL against this list. If there’s a match, recording is disabled for that tab. The list is updated regularly and you can add your own patterns to your personal block list.
Can anyone identify me from my training data?
Can anyone identify me from my training data?
No. Your data goes through a 4-stage anonymization pipeline: (1) Personal identifiers are removed on your device before sending. (2) Server-side processing strips additional metadata and adds statistical noise. (3) Your data is aggregated with other users (k-anonymity). (4) The LAM only trains on aggregated patterns, never individual sessions. No one can trace anonymized data back to individual contributors.
Does contributing more data mean sacrificing more privacy?
Does contributing more data mean sacrificing more privacy?
Not necessarily. You control what types of data you share. You can contribute navigation patterns without screenshots, or exclude form interactions while sharing clicks. More contribution does earn more tokens, but the anonymization process is the same regardless of volume. Quality diverse data from your normal browsing is often more valuable than high-volume generic data.
How do you track my earnings without tracking me personally?
How do you track my earnings without tracking me personally?
Your wallet address is cryptographically separated from your training data. When you contribute, the system generates a hash that proves you contributed without revealing what you contributed. Your earnings are calculated based on data quality metrics (diversity, usefulness, error rate), not personal tracking. We verify your contribution without monitoring your browsing behavior.
What stops Action Model from becoming just another Big Tech data harvester?
What stops Action Model from becoming just another Big Tech data harvester?
(1) Community governance - Major privacy decisions require token holder votes. (2) Open source - Anonymization algorithms and privacy tools are publicly auditable. (3) Economic alignment - We make money when the LAM performs well, not when we sell your data. (4) Transparency reports - Quarterly disclosures of all data practices, requests, and incidents. (5) Legal structure - The foundation is community-owned, not venture-backed with extraction incentives.
Can I use this with VPN, ad blockers, and other privacy tools?
Can I use this with VPN, ad blockers, and other privacy tools?
Yes. The extension works alongside VPNs, ad blockers (uBlock, Privacy Badger, etc.), tracker blockers, and privacy-focused browsers. We encourage layered privacy. The only thing that might reduce earnings is if privacy tools block sites that would provide valuable training data, but your privacy always comes first.
What happens if there's a data breach?
What happens if there's a data breach?
(1) Immediate notification to all affected users within 24 hours. (2) Anonymized data cannot be traced back to individuals. (3) No passwords, payment information, or credentials are stored. (4) Full transparency reports detailing what happened, what was exposed, and remediation steps. (5) Community governance will determine appropriate response and potential compensation.
Can I see what data was collected before it's sent for training?
Can I see what data was collected before it's sent for training?
Yes. The dashboard’s Data Inspector shows every session captured, including timestamps, sites visited (domains only), and data types collected. You can review, download, or delete any session before it’s submitted for training. Once you approve a session, it enters the anonymization pipeline within 24 hours.
Can I use this on my work computer without my employer seeing my personal browsing?
Can I use this on my work computer without my employer seeing my personal browsing?
Your data is anonymized before leaving your device - your employer can’t intercept identifiable browsing data. However, like any browser extension, your IT admin can see you have it installed. If you’re using a work computer for personal browsing, use a separate browser profile with the extension only on your personal profile, or pause the extension during work hours using the schedule feature.
Does incognito/private browsing mode get recorded?
Does incognito/private browsing mode get recorded?
No, never. The extension automatically disables in all private/incognito browsing modes. If you want to browse without contributing training data but stay in normal mode, use the pause button or set a schedule.
Who actually has access to the raw training data?
Who actually has access to the raw training data?
Nobody has access to raw, individual user data. Here’s the access hierarchy: (1) You - See your own data before anonymization. (2) Automated systems - Process and anonymize data, no human access. (3) Data scientists - Only see aggregated, fully anonymized training sets. (4) Community - Can audit statistical reports and anonymization algorithms. No employee, founder, or administrator can view your specific browsing sessions.
How can I verify you're actually keeping these promises?
How can I verify you're actually keeping these promises?
(1) Open source tools - Review anonymization code on GitHub. (2) Third-party audits - Annual security audits published in full. (3) Transparency reports - Quarterly statistics on data collection and requests. (4) Community audits - Token holders can vote to commission independent reviews. (5) Your own data - Export everything and verify what we have. (6) Bug bounty - Report violations for rewards.
Security Resources
Privacy Policy
Read our complete privacy policy in plain English
Chrome Privacy
Chrome extension privacy details
Report an Issue
Found a security issue? Report it for rewards
Your privacy isn’t a feature. It’s a fundamental right. We protect it. You control it. Together, we own the future.