Privacy Policy
Last updated: May 21, 2026 · Effective: May 21, 2026
The short version
Fern Browser doesn't have a server. The developer can't see your chats, what sites you visit, or what's in your bookmarks — there's no backend to store any of it. Everything lives on your Apple Watch.
When you chat with an AI model, your messages go directly from your watch to OpenRouter (a third-party AI routing service) using your own API key. OpenRouter and the upstream model provider then receive that content. Outside of OpenRouter and Apple's own services, no data leaves your device.
The website at fernbrowser.github.io collects nothing. No analytics, no cookies, no third-party scripts. The Save-to-Passwords form runs entirely in your browser — the key you paste never leaves your device.
The full policy below is required by law. The summary above is what's actually true.
Contents
1. Who this policy is from
Fern Browser is developed and maintained by Aiden Mathew, an independent developer. For the purposes of data protection law, Aiden Mathew acts as the "data controller" for any personal data processed in connection with the app or this website.
You can reach the developer via GitHub Issues. There is no separate company, organization, or staff — this is an independent project.
2. What this covers
This policy applies to:
- The Fern Browser app for Apple Watch, distributed via the App Store.
- The website at fernbrowser.github.io, including its setup page.
This policy does not apply to the privacy practices of OpenRouter, the upstream AI providers OpenRouter routes to (OpenAI, Anthropic, Google, Meta, DeepSeek, and others), Apple, GitHub, or any website you visit using the app's URL feature. Each of those services has its own privacy policy, linked where relevant below.
3. Information not collected by the developer
Fern Browser does not have a backend server. The developer does not operate any system that collects, stores, or processes user data. In practical terms, this means none of the following are collected, transmitted to, or accessible by the developer:
- Your name, email, phone number, or any account information.
- Your chat messages, AI prompts, or AI responses.
- Your browsing history, bookmarks, or visited URLs.
- Your IP address, device identifier, or precise location.
- Crash reports, analytics events, performance telemetry, or usage statistics.
- Any payment or billing information (the app is free).
The app contains no third-party software development kits (SDKs) for analytics, advertising, attribution, crash reporting, or social integration. The website contains no analytics, no tracking pixels, no third-party JavaScript, and no third-party cookies.
4. Information stored on your device
The app stores certain information locally on your Apple Watch so that the app can function. This data does not leave your device except where explicitly noted in Section 5 (third parties).
-
Your OpenRouter API key, stored in Apple Keychain with
the access level
kSecAttrAccessibleWhenUnlockedThisDeviceOnly. This means the key is encrypted at rest, accessible only when the device is unlocked, and is not synced via iCloud Keychain in a form accessible to other apps or devices. - Your browsing history (URLs you've opened through the app and the timestamps), stored locally in the app's preferences.
- Your bookmarks (URLs you've saved), stored locally.
- Your selected AI model preference, stored locally.
- Current chat session messages and responses, held in memory while the app is running. These are not persisted across app launches.
You may delete any of this data at any time using the controls inside the app (delete history, delete bookmarks, clear chat, remove API key) or by uninstalling the app. Uninstalling the app removes all locally stored data.
5. Third parties
5.1 OpenRouter
When you use the AI chat feature, your message and any prior context in the current chat session are transmitted from your Apple Watch directly to OpenRouter (openrouter.ai) over HTTPS, authenticated with your own OpenRouter API key. OpenRouter forwards the request to the upstream AI model provider you selected and returns the response.
The developer of Fern Browser does not proxy, log, or otherwise have access to the content of these messages. OpenRouter processes your messages according to its own privacy policy: openrouter.ai/privacy. The upstream AI provider you select (OpenAI, Anthropic, Google, Meta, DeepSeek, and others routed via OpenRouter) processes your messages according to its own privacy policy.
You may stop transmitting data to OpenRouter at any time by not using the AI chat feature or by removing your API key in the app's settings.
5.2 Apple
The app uses several Apple-provided services as part of normal watchOS operation:
- Apple Keychain stores your OpenRouter API key on-device.
- ASWebAuthenticationSession renders any URL you open through the app in Apple's secure web view.
- iCloud Keychain may sync the saved password between your Apple devices if you set it up via the website's Save-to-Passwords flow. The sync is end-to-end encrypted by Apple.
- The App Store handles distribution of the app.
Apple's privacy practices are governed by Apple's Privacy Policy: apple.com/legal/privacy.
5.3 GitHub Pages (website hosting)
The website at fernbrowser.github.io is hosted on GitHub Pages. GitHub may collect standard web server logs (IP addresses, user-agent strings, request timestamps) as part of its normal hosting operation. The developer does not have access to these logs. GitHub's privacy practices are governed by GitHub's Privacy Statement: docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement.
6. Legal basis for processing (GDPR)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent laws apply. The legal bases on which the developer processes personal data are as follows:
- Performance of a contract (Article 6(1)(b)): when you use the AI chat feature, transmitting your message to OpenRouter is necessary to provide the service you have requested.
- Legitimate interests (Article 6(1)(f)): the app must store your API key, history, and bookmarks locally to function. These legitimate interests are balanced against your privacy because the data never leaves your device.
The developer does not rely on consent (Article 6(1)(a)) for any processing, because no data is collected or processed by the developer outside the on-device operation described above.
7. International data transfers
When you use the AI chat feature, your messages may be transmitted to servers located outside your country of residence, including the United States, where OpenRouter and most upstream AI providers operate. Each of those services is responsible for applying appropriate safeguards (Standard Contractual Clauses, the EU-US Data Privacy Framework where applicable, or equivalent mechanisms) for international transfers. See their respective privacy policies for details.
8. Your rights
8.1 European Economic Area, United Kingdom, Switzerland (GDPR / UK GDPR / FADP)
You have the following rights:
- Right of access (Article 15): there is no developer-held data to provide. The data stored on your watch is accessible directly in the app.
- Right to rectification (Article 16): you can edit history, bookmarks, your API key, and your model preference in the app.
- Right to erasure (Article 17): you can delete history, bookmarks, and your API key in the app. Uninstalling the app removes all locally stored data.
- Right to restriction of processing (Article 18): you can stop using the AI chat feature at any time, which halts all transmission to third parties.
- Right to data portability (Article 20): local data is not currently exportable in a machine-readable format. If you require a copy of your local data, contact the developer.
- Right to object (Article 21): you can stop using the app at any time.
- Right not to be subject to automated decision-making (Article 22): the app does not make automated decisions that produce legal effects concerning you.
- Right to lodge a complaint (Article 77): you may complain to your local Data Protection Authority. A list of EU authorities is at edpb.europa.eu/about-edpb/about-edpb/members. UK residents may contact the ICO at ico.org.uk.
8.2 California (CCPA / CPRA)
California residents have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:
- Right to know what personal information is collected, used, disclosed, and sold. As stated in Section 3, the developer collects no personal information.
- Right to delete personal information. The developer holds no personal information. You can delete on-device data in the app at any time.
- Right to correct inaccurate personal information. On-device data is editable in the app.
- Right to opt-out of sale or sharing of personal information for cross-context behavioral advertising. The developer does not sell or share personal information for any purpose.
- Right to limit use of sensitive personal information. The developer does not collect sensitive personal information.
- Right to non-discrimination for exercising any of these rights.
In the preceding twelve (12) months, the developer has not collected, sold, shared, or disclosed any personal information.
8.3 Other US states
Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon, Montana, and other US states with comprehensive privacy laws have substantially similar rights to those described above, including the right to access, delete, correct, and opt-out of targeted advertising or profiling. Because the developer does not collect personal data, these rights are exercised by managing on-device data inside the app.
8.4 Children's privacy
Fern Browser is not directed to children under 13 (in the United States, under COPPA) or under 16 (in the EEA, under GDPR Article 8). The developer does not knowingly collect personal information from children. Because no personal information is collected by the developer at all, this restriction is satisfied by default. If you are a parent or guardian and believe a child has used the app in a way you object to, please contact the developer — though note that no server-side data exists to delete.
8.5 How to exercise your rights
To exercise any right that requires action by the developer, contact via GitHub Issues. Most rights, however, are exercisable directly in the app (delete history, remove key, uninstall).
9. Data retention
- On-device data (history, bookmarks, API key, model preference): retained until you delete it inside the app or uninstall the app.
- Chat session data in memory: discarded when the app is terminated or the chat is cleared.
- Data held by OpenRouter: see OpenRouter's privacy policy. The developer does not control this.
- Data held by upstream AI providers: see each provider's policy.
- Data held by GitHub Pages: see GitHub's policy.
- Data held by the developer: none, because none is collected.
10. Security
-
API keys are stored using Apple Keychain with
kSecAttrAccessibleWhenUnlockedThisDeviceOnly— they are encrypted at rest, accessible only when the device is unlocked, and do not sync to other devices via iCloud. - All network requests use HTTPS with TLS 1.2 or higher, enforced by Apple's network stack.
- The app contains no third-party SDKs that could introduce undisclosed network behavior.
- The website serves no JavaScript that transmits data to a remote server. The setup form uses only the browser's local Credential Management API and standard form-submit behavior, both of which operate within the browser.
No system is perfectly secure. If you believe you have discovered a security vulnerability in the app or website, please report it via GitHub Issues.
11. Cookies and tracking
The website uses no cookies of any kind — no first-party cookies, no third-party cookies, no local storage for tracking, no session identifiers. No tracking pixels. No analytics services (Google Analytics, Plausible, Fathom, or any other). No web fonts loaded from external content delivery networks.
The app contains no advertising identifiers, no third-party tracking SDKs, and does not use Apple's App Tracking Transparency framework to request permission to track users — because it does not track users.
12. Apple App Store privacy disclosures
Apple requires every app on the App Store to declare its data collection practices via "Privacy Nutrition Labels." Fern Browser's label reflects the practices described in this policy:
- Data Not Collected: the developer collects no data from users of Fern Browser.
Data transmitted to third parties (OpenRouter and upstream AI providers) when you choose to use the AI chat feature is processed by those third parties under their own privacy policies. The developer has no visibility into that data.
13. Changes to this policy
If this policy changes in a material way, the "Last updated" date at the top of the document will be revised, and notable changes will be summarized in the app's About screen and at the top of this page for at least 30 days. Continued use of the app or website after a change indicates acceptance of the updated policy. If you do not agree with the updated policy, you may stop using the app.
The full history of changes is available in the commit log of the website's source repository on GitHub.
14. Contact
For any privacy-related question, complaint, or rights request, please open an issue at github.com/fernbrowser/fernbrowser.github.io/issues. Privacy requests will be acknowledged within 30 days where the law requires acknowledgment.