Portage runs entirely on your device. Nothing is sent anywhere.
Last updated: June 25, 2026
Portage does not collect, transmit, store, sell, or share any of your data. It has no analytics, no telemetry, no remote servers, and no third-party services. Everything happens locally in your browser. The export file Portage produces is saved to your local downloads folder; what you do with it from there is up to you.
When you ask Portage to export your data, it reads the categories you select from your browser:
This data is read only when you click an export action, only for the categories you check, and only for as long as it takes to write the export file. Portage does not background-scan or passively monitor any of it.
Portage assembles the selected data into a single .portage.json file.
If you enable the optional encryption toggle, the file is encrypted with AES-256-GCM
using a passphrase you provide. Portage never stores, transmits, or has access to that passphrase
in any form — it exists only in memory during the export operation and is discarded immediately after.
The resulting file is saved to your browser's local downloads folder via the standard download API. Portage has no ability to upload, sync, share, or otherwise move the file anywhere on its own. Any further movement of that file — copying to a USB drive, sending it to yourself, uploading to cloud storage — is an action you take outside of Portage.
When you import a .portage.json file, Portage decrypts it (if encrypted) and writes
the contents back into the destination browser using each browser's native APIs. The file you provide
is read from your local disk only; nothing about the file or its contents is transmitted.
After import, the in-memory copy of the bundle is wiped.
Portage makes no network requests of any kind. There is no analytics endpoint, no telemetry, no update check, no remote logging, no third-party SDK, and no embedded tracker. You can verify this by inspecting the source code, by inspecting the extension files, or by watching network activity in your browser's developer tools while using Portage.
<all_urls>) — required by the browser cookies API to read cookies across sites during export. Portage does not read page content or inject scripts.Portage is not directed at children and does not knowingly collect any information from anyone, including children. Because Portage collects no information at all, there is nothing to disclose, delete, or restrict.
If this policy is ever updated, the revised version will be posted at this URL and the "Last updated" date above will change. Because Portage has no telemetry, there is no in-app notification system; substantive changes will be noted in the GitHub release notes for the version that introduces them.
Portage is MIT-licensed and the complete source code is available at github.com/pvrzz/Portage. Every claim in this policy can be verified against the source.
Portage's use of any data complies with the Chrome Web Store User Data Policy, including the Limited Use requirements. Specifically: data is used only to fulfill Portage's single purpose of browser data migration, is processed entirely on the user's device, and is never transferred to any third party.
Questions about this policy can be filed as an issue on the GitHub repository, or sent to the email address listed on the GitHub profile of pvrzz.