Privacy policy
Last updated: July 15, 2026
What HaveTML is
HaveTML (havetml.com) hosts single-file HTML and Markdown artifacts so you can share them with a link, collect comments, and keep versions. This policy covers the website, the API, and the HaveTML Chrome extension.
What we store
- Account data — your email address, display name, and authentication credentials, managed by our database provider (Supabase). If you sign in with Google, we receive your email and name from Google; we never see your Google password.
- Your content — the files you upload, their version history, project names and descriptions, reader notes, and comments (including guest names on comments).
- API tokens — tokens you create are stored only as cryptographic hashes; the full token is shown to you once and cannot be recovered by us.
- Cookies — session cookies to keep you signed in, and short-lived cookies that remember a password you entered to unlock a protected artifact. We do not use advertising or cross-site tracking cookies.
The Chrome extension
- The extension stores your HaveTML API token and your last-used project in Chrome's extension storage, on your device (and in your Chrome sync profile if you have sync enabled).
- When you drop a file on it, the file's content is sent to havetml.com over HTTPS to create the artifact in your account. Nothing is uploaded without your explicit action.
- The extension does not read the pages you visit, your browsing history, or anything beyond the files you choose to upload.
Who can see your content
Anyone with an artifact or project link can view it (or must enter the password you set). Artifacts are served sandboxed. We do not sell or share your data with third parties; infrastructure providers (Supabase, Vercel) process it solely to run the service.
Deletion
You can delete artifacts and projects from your dashboard and revoke API tokens at any time. To delete your account and all associated data, contact us.
Contact
Questions or requests: hassanain.anver@disrupt.com