Privacy Policy

Last updated: June 28, 2026

This Privacy Policy describes how the Searchlight software (the "Software") and the website at searchlight.ajmalaksar.com (the "Site") handle information. Searchlight is an open-source project maintained by Ajmal Aksar ("we", "us").

1. How the Software works

Searchlight is a local Model Context Protocol (MCP) server that you install and run on your own computer. It communicates directly between your machine and Google's APIs. There is no Searchlight server, backend, or database operated by us that your data passes through.

2. Google account data we access

When you connect your Google account, Google asks you to grant read-only scopes for Google Search Console (webmasters.readonly) and, if you use the analytics features, Google Analytics (analytics.readonly). With your authorization, the Software reads that data (such as search analytics, sitemaps, URL inspection results, the properties you own, and Analytics reports) solely to display and analyze it for you inside your own AI client or terminal. This processing happens locally on your device.

Diagnosis uses read-only access only. If you explicitly ask Searchlight to set things up for you, it requests additional write and provisioning scopes at that point (for example, to submit a sitemap or create a Google Analytics property). These are opt-in and never requested unless you start a setup action.

3. Authentication tokens

After you sign in, Google issues OAuth tokens. These tokens are stored only on your own device (by default under ~/.searchlight/, with restricted file permissions) and are used to refresh access automatically. They are never sent to us or to any third party other than Google.

4. Limited Use disclosure

Searchlight's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, Google user data is used only to provide and improve the user-facing features described above; it is processed locally on your device; it is not transferred to us; and it is never sold, used for advertising, or used to train generalized AI/ML models.

5. The website

The Site is an informational page about the project. It does not ask you to log in and never has access to your Google account, Search Console, or Analytics data. The Site may collect anonymous, aggregated traffic statistics (such as page views) to understand general usage; this does not identify you personally.

6. Data sharing

We do not sell, rent, or share your personal information or Google user data. Because your data does not reach us in the first place, there is nothing for us to share.

7. Security

Your tokens and data reside on your own device under your control. We recommend keeping your operating system and the Software up to date. You can revoke Searchlight's access at any time at myaccount.google.com/permissions and remove the local token with searchlight logout.

8. Children

The Software and Site are not directed to children under 16, and we do not knowingly collect their data.

9. Changes to this policy

We may update this policy as the project evolves. Material changes will be reflected here with an updated date.

10. Contact

Questions about this policy? Email ajmalaksar25@gmail.com.