The short version
- No telemetry. The Echo app sends us no record of what you play or how you use it.
- No account, no cloud. No sign-up, no login. Your listening history lives only on your Mac.
- The extension stays local. It sends what it reads only to the Echo app on your own machine, over a loopback address (127.0.0.1) that never reaches the internet.
- No page reading. The extension reads only standard now-playing media information, never your page text, passwords, messages or browsing history.
- No cookies, no fingerprinting. The website uses Umami, a cookieless, privacy-first analytics tool that can't identify you (details below).
Who is the data controller?
The data controller for any personal data we hold about you is:
TJH/CO LIMITED (trading as THEODORE HQ)
A company registered in England and Wales
Company number: 16589593
Registered office: Fairway House, Links Business, Fortran Rd, St. Mellons, Cardiff, CF3 0LT, United Kingdom
Email: support@theodorehq.com
What does Echo store on your Mac?
Everything Echo remembers stays on your Mac, in your Library folder. It keeps a local history of what you play so it can resurface and resume it: the title, artist, album, artwork image URL and playback position that a media app or web page already publishes, the source it came from, and your own additions such as Moments, pins and renames. It also keeps your settings, and your licence key and activation ID (stored in the macOS Keychain, encrypted by the operating system). None of this is ever transmitted off the device.
The browser extension, and what it reads
The companion extension is optional. It does nothing unless the Echo app is installed and running on the same Mac. To remember and resume browser media, it reads only what it needs:
- Now-playing metadata - the title, artist, album, artwork image URL and playback position that a page already publishes via the standard MediaSession, or a
<video>/<audio>element exposes. - The page it came from - the tab's URL, so Echo can reopen the exact thing later.
- Basic playback state - whether something is playing or paused, and its duration, to track your progress.
The extension does not read page text, form contents, passwords, messages, your browsing history, keystrokes, or anything beyond the media information above.
Why the extension can run on any site
Media plays across many different websites (YouTube, Spotify Web, SoundCloud, Apple Music on the web, news sites, and more). So the extension is able to observe the standard media information on whatever site you play media, and, when you choose to resume something, to reopen that site's tab and continue playback. This broad access exists solely to capture and resume your media; it is never used to read other page content.
Where the extension sends data
Only to your own Mac. The extension sends the information it reads to the Echo app's local server at http://127.0.0.1:17893, a loopback address reachable only from your computer that never travels over the internet. The app rejects any request carrying a web Origin, so web pages cannot reach it. We run no remote servers that collect this data. Nothing is uploaded, shared, sold or transferred to us or any third party. Echo contains no advertising and no third-party analytics or tracking SDKs.
Permissions the extension requests, and why
- Access to the sites you play media on (host access): to read the standard media information on any site, and to reopen and resume a tab you choose to continue.
- Tabs: to reopen the right tab, bring it to the front, and pause other playing tabs so only the media you resumed plays.
- Scripting: to seek a video or track to where you left off and press play when you resume it.
- Local connection (127.0.0.1 / localhost): the only network destination, the Echo app on your own Mac.
Does Echo make any network requests?
Yes, exactly two kinds, and neither one carries anything about what you play.
Update checks. About once an hour Echo checks https://www.theodorehq.com/echo/appcast.xml for a new version. The request contains your current Echo version and your macOS version, so we can serve the right update. It carries no unique identifier and is verified by Apple's Sparkle framework. You can turn update checks off at any time.
Licence checks. Echo talks to Polar.sh, our licensing provider, in three situations: once when you activate your licence, periodically to revalidate it (at most every seven days), and if you deactivate it to move Echo to another Mac. Each call sends only your licence key and a device label (your Mac's local name, for example "Theodore's MacBook Pro"). After activation Echo caches the result and runs offline for up to seven days.
What personal data do we hold, and on what basis?
Three categories. The law requires us to name a lawful basis under Article 6 of the UK GDPR for each.
Your purchase email and licence-key record
Held so we can deliver and verify your licence.
Lawful basis: contractual necessity (Art 6(1)(b)).Newsletter subscription (the same email)
Used to send occasional product updates about Echo. You consent at checkout via an unticked box, and every email has a one-click unsubscribe.
Lawful basis: soft opt-in under PECR Regulation 22(3).Licence-activation logs
Timestamp, country and the IP address of the activation request, kept to detect fraud and licence abuse.
Lawful basis: legitimate interests (Art 6(1)(f)).How long do we keep it?
- Purchase email and licence record: while your licence is active, plus seven years after your last purchase, to meet HMRC tax-record requirements (Schedule 11 of the VAT Act 1994 and corresponding income-tax rules).
- Newsletter subscription: until you unsubscribe, plus thirty days while we process the unsubscribe.
- Licence-activation logs: twelve months from activation, then automatically deleted by Polar.
- Support emails: two years, then deleted, unless you ask us to keep them for an open issue.
Storage and your control
Your history lives on your Mac, under your control. You can remove individual items, clear everything from a source, or delete your whole history from within the app, and removing Echo removes its stored data. The extension keeps no lasting record of its own; uninstalling it stops all browser capture immediately.
Crash reports
Echo does not send crash reports or diagnostics automatically. Nothing about a crash leaves your Mac unless you choose to send it. If macOS itself shows a "Send to Apple" dialog, that is Apple's standard system, not us, and you control it in System Settings > Privacy & Security > Analytics & Improvements.
Cookies and this website
No cookies. No third-party trackers. No advertising scripts. No fingerprinting. For website analytics we use Umami (see the next section), which is cookieless and stores nothing on your device by default. If you switch this page between light and dark, that preference is stored locally in your browser; it is purely functional and exempt from consent under PECR Regulation 6(4).
Website analytics (Umami)
To understand which pages people find useful, this website uses Umami, a privacy-friendly analytics tool we self-host on our own server at analytics.theodorehq.com. (Echo the app contains no analytics of any kind; this is the website only.)
Umami records aggregate, non-identifying information: the page URL, page title and referrer, the country your visit came from (derived from your IP address, which is then immediately discarded and never stored), and your browser, operating system, device type and screen size. It sets no cookies, does not fingerprint your device, does not follow you across other websites, and shares nothing with any third party. We cannot identify you from it.
Lawful basis: legitimate interests (Art 6(1)(f) UK GDPR) in understanding aggregate site traffic without identifying individual visitors. Retention: aggregate figures indefinitely; raw event records for twelve months.
How to opt out. Any standard content blocker (uBlock Origin, Ghostery, Brave's shields) blocks it automatically. Or, in your browser's developer console on this site, run localStorage.setItem('umami.disabled', '1'), which Umami treats as a permanent opt-out for this domain.
International transfers
Polar.sh, our payment and licensing provider, is based in the United States. When you buy a licence, your email and country of purchase are processed by Polar in the US under the UK International Data Transfer Agreement (IDTA), the UK government's approved transfer mechanism. You can read Polar's data-processing agreement at polar.sh/legal/dpa. No other international transfers occur.
Your rights under UK GDPR
To exercise any of these, email support@theodorehq.com. We respond within thirty days, free of charge.
Complaining to the ICO
If you think we have handled your data improperly, you can complain to the UK Information Commissioner's Office: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Helpline: 0303 123 1113. ico.org.uk/make-a-complaint. We would much rather you email us first so we can put it right, but the right to escalate is yours.
Chrome Web Store Limited Use
Echo's use of information received from Google APIs and the Chrome Web Store adheres to the Chrome Web Store User Data Policy, including the Limited Use requirements. The extension uses the media information it reads only to provide Echo's remember-and-resume feature on your own device; it does not transfer that information to any server, use it for advertising, or sell it.
Children
Echo is a general-purpose productivity tool and is not directed at children under 13 (the UK age of digital consent under section 9 of the Data Protection Act 2018). We do not knowingly collect any personal data from anyone under 13. If you believe we hold such data in error, email us and we will delete it promptly.
Changes to this policy
If we change this policy we will update the date at the top, and email anyone on the customer list a plain-English summary of what changed at least fourteen days before it takes effect. We will not quietly start collecting more from existing users.
Contact
For any questions or concerns, email support@theodorehq.com. Every message is read by a person on our team.
See also our Terms of Service.