Security & Privacy at Sombra

Last Updated: March 15th, 2026

This page describes how Sombra handles your data — what we capture, how we store it, and how we keep it separated from everyone else's. No marketing language, just specifics.

What the extension captures

The Sombra browser extension extracts the readable content from web pages using r11y, an open-source content extractor. It captures the content DOM only — form inputs, login fields, JavaScript state, and interactive elements are excluded. The extracted content is converted to Markdown before storage.

What gets stored per saved page:

  • The Markdown content
  • A redacted copy of the original DOM (with forms, inputs, and scripts stripped) — this is retained for future feature development and is not currently user-facing
  • Page metadata (title, author, publication date, description)
  • The source URL and hostname
  • Any notes or annotations you add

What gets shared in public collections

When you make a collection public, only content you have authored — your notes, annotations, and collection context — is shared. Raw third-party page content is never included in public collections. Sharing is always an explicit opt-in action.

Data isolation

Every database query is scoped to the authenticated user. All Datomic queries include a user clause that filters results to the requesting user's data. This is consistent across every access path — the web app, the API, the MCP server, and search (via Typesense, which maintains per-user scoping).

Entity lookups that fail ownership checks return a uniform 404 response regardless of whether the entity exists, preventing enumeration of other users' resources through UUID guessing or probing. Note: response timing is not currently constant between "not found" and "exists but not yours" — this is a known limitation acceptable for our current threat model.

Encryption & credential handling

  • In transit: All connections use TLS
  • Encryption at rest: AES-256-CBC encryption for stored content is on the roadmap
  • Personal Access Tokens: Stored as SHA-256 hashes — the raw token is shown once at creation and never stored
  • Sessions: Signed with HMAC-SHA256

Authentication

Sombra uses Google OAuth 2.0 for user authentication. There are no password-based accounts.

For headless and programmatic access, Sombra supports Personal Access Tokens (PATs) — long-lived tokens that can be created from the settings page and revoked at any time.
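The two credential rules above (PATs stored only as SHA-256 hashes and shown once, sessions signed with HMAC-SHA256) and the create/revoke lifecycle of PATs can be modelled in a few dozen lines. The following is an added example, not Sombra's own code: the in-memory PAT_STORE, the sombra_pat_ prefix, the SESSION_KEY value and the function names are all assumptions made for the illustration.

```python
"""Added example (not Sombra's code): PAT hashing with a show-once raw token,
owner-checked revocation, and HMAC-SHA256 signed sessions. Storage is an
in-memory dict standing in for the database; all names are assumptions."""
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Constructed signing key. Assumption: a real deployment loads this from a
# secrets store, never from source.
SESSION_KEY = b"constructed-demo-key-do-not-use"

# Assumed storage shape: sha256(raw token) -> record. The raw token is never
# written here, so a database dump yields nothing a client could present.
PAT_STORE = {}


def _hash_token(raw: str) -> str:
    # Random 256-bit tokens have enough entropy that a plain SHA-256 (no salt,
    # no slow KDF) is an appropriate at-rest form, unlike user passwords.
    return hashlib.sha256(raw.encode()).hexdigest()


def create_pat(user_id: str, label: str) -> str:
    """Mint a PAT. The raw value is returned exactly once; only its hash is kept."""
    raw = "sombra_pat_" + secrets.token_urlsafe(32)  # prefix is a constructed convention
    PAT_STORE[_hash_token(raw)] = {"user": user_id, "label": label, "revoked": False}
    return raw


def verify_pat(raw: str) -> Optional[str]:
    """Resolve a presented token to its owner, or None if unknown or revoked."""
    rec = PAT_STORE.get(_hash_token(raw))
    if rec is None or rec["revoked"]:
        return None
    return rec["user"]


def list_pats(user_id: str) -> list:
    """What a settings page can show: the hash acts as the token's id."""
    return [{"id": h, "label": r["label"], "revoked": r["revoked"]}
            for h, r in PAT_STORE.items() if r["user"] == user_id]


def revoke_pat(user_id: str, token_id: str) -> bool:
    """Revoke by id (the hash); the user no longer has the raw token to present."""
    rec = PAT_STORE.get(token_id)
    if rec is None or rec["user"] != user_id:
        return False
    rec["revoked"] = True
    return True


def sign_session(payload: dict) -> str:
    """Cookie value = hex(canonical JSON) + '.' + HMAC-SHA256 tag."""
    body = json.dumps(payload, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(SESSION_KEY, body, hashlib.sha256).hexdigest()
    return body.hex() + "." + tag


def verify_session(cookie: str, now: Optional[float] = None) -> Optional[dict]:
    """Return the payload only if the tag verifies and 'exp' is in the future."""
    now = time.time() if now is None else now
    try:
        body_hex, tag = cookie.split(".", 1)
        body = bytes.fromhex(body_hex)
    except ValueError:
        return None  # malformed cookie: wrong shape or non-hex body
    expected = hmac.new(SESSION_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):  # constant-time tag comparison
        return None
    payload = json.loads(body)
    if payload.get("exp", 0) <= now:
        return None
    return payload
```

The session check verifies the HMAC before parsing the body, so untrusted JSON is never decoded; the expiry is inside the signed payload, so a client cannot extend it without invalidating the tag.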

MCP authentication

The MCP server supports three authentication tiers:

  1. Session-based — for browser contexts where the user is already logged in
  2. Bearer token — OAuth 2.1 with dynamic client registration, used by MCP clients like Claude Desktop
  3. Personal Access Token — for headless agents and scripts

All three tiers resolve to the same user identity and enforce the same per-user data scoping. There is no cross-user enumeration possible through any auth path.
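The data isolation section above (every lookup carries a user clause, and a failed ownership check answers 404 exactly as a missing entity does) and the three MCP tiers resolving to one identity fit naturally into one flow: resolve the caller, then run every read through the same scoped lookup. The following is an added example in Python, not Sombra's Clojure/Datomic code: the credential tables, page records, the sombra_pat_ prefix used to tell a PAT from an OAuth bearer token, and the 401/404 mapping are all constructed assumptions.

```python
"""Added example (not Sombra's code): one auth resolver for the three MCP
tiers feeding one user-scoped lookup that answers 404 uniformly. Datomic is
modelled by a plain dict, and the session, bearer and PAT checks are table
lookups standing in for the real verifiers. All values are constructed."""
import hashlib
from typing import Dict, Tuple


class Unauthorized(Exception):
    """No tier produced a user id; assumed to map to HTTP 401."""


class NotFound(Exception):
    """Raised for both 'missing' and 'not yours'; assumed to map to HTTP 404."""


# Constructed credential tables, one per tier, each mapping to a user id.
SESSIONS = {"sess-1111": "user-a"}                 # tier 1: logged-in browser session
OAUTH_TOKENS = {"oauth-2222": "user-b"}            # tier 2: OAuth 2.1 bearer token
PAT_PREFIX = "sombra_pat_"                         # assumed PAT prefix (constructed)
PAT_HASHES = {hashlib.sha256(b"sombra_pat_3333").hexdigest(): "user-a"}  # tier 3

# Constructed "database": the owner is an attribute of every entity, which is
# what lets the ownership clause live inside the query itself.
PAGES = {
    "p1": {"owner": "user-a", "title": "Alpha"},
    "p2": {"owner": "user-b", "title": "Beta"},
}


def resolve_user(headers: Dict[str, str], cookies: Dict[str, str]) -> str:
    """Every access path funnels through here and yields exactly one user id."""
    sid = cookies.get("session")
    if sid is not None and sid in SESSIONS:
        return SESSIONS[sid]
    auth = headers.get("Authorization", "")
    if auth.startswith("Bearer "):
        cred = auth[len("Bearer "):]
        if cred.startswith(PAT_PREFIX):
            # Only the hash is stored, so hash the presented value and look it up.
            uid = PAT_HASHES.get(hashlib.sha256(cred.encode()).hexdigest())
        else:
            uid = OAUTH_TOKENS.get(cred)
        if uid is not None:
            return uid
    raise Unauthorized()


def get_page(user_id: str, page_id: str) -> dict:
    """Scoped read: the user clause is part of the lookup, so 'missing' and
    'owned by someone else' are indistinguishable to the caller. As the page
    notes, response timing is not equalised between the two cases here either."""
    rec = PAGES.get(page_id)
    if rec is None or rec["owner"] != user_id:
        raise NotFound()
    return rec


def handle_get_page(headers: Dict[str, str], cookies: Dict[str, str],
                    page_id: str) -> Tuple[int, dict]:
    """Assumed HTTP mapping: 401 when no tier authenticates, 404 otherwise."""
    try:
        uid = resolve_user(headers, cookies)
    except Unauthorized:
        return 401, {"error": "unauthorized"}
    try:
        return 200, dict(get_page(uid, page_id))
    except NotFound:
        return 404, {"error": "not found"}  # identical body for both 404 causes
```

Because the owner check is inside get_page rather than in each handler, adding a fourth auth tier later means one new branch in resolve_user and no change to any data access path.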

Deletion & data retention

When you archive (delete) content, it is soft-deleted — marked with a timestamp and hidden from all views and search results. Archived items can be restored from the archive.

Permanent deletion (hard purge) is on the roadmap but not yet implemented. If you need data removed from the database entirely, contact us directly.

Privacy & data subject rights

For details on data collection, GDPR rights, data subject requests, sub-processors, and cross-border transfers, see our Privacy Policy.

Backups & availability

Database backups run daily. Backups are replicated offsite for disaster recovery.

Production access

Production database access is restricted to a minimal set of named operators. There are no shared credentials or team-wide access grants.

Infrastructure monitoring & filtering

All traffic passes through a load balancer that filters known server-side attack vectors before requests reach the application servers. We use a third-party monitoring provider with proactive alerting on unusual traffic patterns and anomalous behaviour.

Responsible disclosure

If you find a security issue, please report it to dan@sombra.so. We take all reports seriously and will respond promptly.