TL;DR:
* Cloud-accelerated Chromium fork, appears to be closed source.
* No custom hardware client platform as far as I can tell.
* No source available on GitHub: https://github.com/mightyapp
* They store your browsing history.
* They keep logs.
* Your information will be stored abroad.
* Claims to hide ads and cookie acceptance forms, no implementation details.
* No information if extensions are supported.
* Cookies claimed to be under user control.
* Not HIPAA or SOC-2 compliant.
* No pricing information seemingly available.
Front page of https://www.mightyapp.com/
"You will no longer see cookies notices or ads while browsing"
Interesting that they offer adblocking, but perhaps this mean that they just automatically agree to everything and/or send other identifiers to advertisers, like a custom GUID?
https://www.mightyapp.com/secu...
"Your data will never be shared with another person or entity. There are strict policies internally about viewing someone’s browser history: it is prohibited."
Merely prohibited? Why not encrypt all user data with a key you do not have possession of?
"Your cookies are stored on Mighty’s servers on a virtual machine that is isolated from other people’s machines and has tight control over who can access the machine directly. We access cookies stored on our servers so that your browser can be blazing fast versus incurring extra latency. We don't store those cookies anywhere else and you have complete control over which cookies are stored on your instance."
Unclear what they mean by accessing it for browser performance. Do they cache it locally on the Chromium client? Unlikely, as that is probably user access. Sounds like they scrape all user's cookies in order to cache whatever slow third-party requests they regularily make, most likely ad brokers. If replaced by dummy requests, this could enhance privacy.
"Various logs have different retention periods but for most logs that we ingest for debugging purposes only and are stripped of sensitive information are only kept for no longer than 6 months."
6 months seems excessive for debugging. The user should grant debug log permissions on a case-by-case basis - ONLY when noticing a problem.
https://www.mightyapp.com/priv...
Front page says "Let us be clear: your data will never be sold." but their privacy policy looks like every other, with the addition that they share it if:
"Only if we reasonably believe it’s necessary to prevent harm to the rights, property or safety of you or others; or in the event of a corporate restructuring or change in our organizational structure or status to a successor or affiliate."
They will transfer your information abroad, no way to opt out.
https://www.mightyapp.com/term...
IANAL, but the indemnification clause seems very broad:
"Mighty reserves the right to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, in which event you will assist and cooperate with Mighty in connection therewith."
This is a quick-fix for people with old machines with possibly vulnerable browsers.