Privacy by default: no servers, no accounts, no telemetry
Most "private" products mean "we are nice about your data." Reelic is built so that we never have it in the first place. This is the honest version of how that works, what runs locally, what gets sent over the network, and how you can verify the whole thing yourself.
The default everyone should expect
Local-first means the data lives on the device that produced it, and a copy only leaves with explicit user action. We made it the default rather than an opt-in.
Concretely: your saves index lives in your browser's IndexedDB and Chrome's storage area. It is namespaced to the Reelic extension. Uninstalling the extension removes the index. Clearing browser data clears it too. There is no second copy on a server we control.
What we never see
A short list of things that never leave your machine.
Reel captions and hashtags. The text we index for search stays in your browser. Search queries run locally, against the local index.
Thumbnails and video URLs. Reelic does not download videos. It links back to Instagram for playback, so the bytes only travel from Instagram to your browser, never through us.
Creator handles. The accounts you have saved from are part of your local index. We do not log them.
Individual reels. We never store, count, or log a list of specific reels you have saved. There is no row in any database that names a reel from your library.
What we do send, only if you opt in
Two features need a tiny amount of network traffic to work: the global leaderboard and the taste twin. Both require comparing your library against other libraries. To make that possible without leaking your reels, we send aggregates.
The aggregate payload looks like this: a display name you choose, your total save count, your top 20 creators by save count, and your top 20 hashtags by save count. That is it.
No reel-level data. No URLs. No captions. No thumbnails. The aggregates are enough to rank curators and to find matching libraries, and not enough to reconstruct what you have saved.
Both leaderboard and taste twin are opt-in. The default is off. You can toggle them off at any time from the side panel and the aggregates are deleted.
Why we built it this way
The alternative is a breach waiting to happen. Any product that stores a copy of your Instagram saves on a server is one S3 misconfiguration away from a headline. Most of the time the breach is not malicious, it is just bad luck. The safest data is the data we never have.
The second reason is simpler. Reelic does not need a server to do its job. The interesting computation, indexing and search, runs faster locally than it would on a remote machine. Building it the local-first way was both more honest and more performant.
How to verify it yourself
Trust is good. Verifiable trust is better. A five-minute audit you can run on your own machine.
Open the Reelic side panel and the Chrome DevTools network tab side by side.
Run a search. Watch the network tab. You will see zero outbound requests. The search runs locally.
Visit your saves page. Watch the network tab. You will see Instagram's own requests for the page. No requests from Reelic to any external server. The indexing happens in the page.
Toggle the leaderboard on. Now you will see one outbound request to Reelic's aggregator endpoint, containing only the aggregate payload above. Toggle it off, and the request stops.
No magic. No hidden calls. The whole thing runs in front of you, and you can watch it work.
