Introduction
This Privacy Policy describes how PrivacyPal ("we," "our," or "us") collects, uses, and shares information when you use our website, products, and services.
Information We Collect
Information You Provide
- Contact information (name, email, phone number)
- Account credentials
- Payment information
- Communication preferences
- Any other information you choose to provide
Information Automatically Collected
- Device information
- IP address
- Browser type
- Operating system
- Usage data
- Cookies and tracking technologies
Browser Extension
When you use the PrivacyPal browser extension:
- The extension intercepts and temporarily processes messages you send to ChatGPT (chatgpt.com) and Claude.ai (claude.ai)
- Only messages containing potentially sensitive information are processed
- Configuration data (API endpoint, settings) is stored locally in your browser
- Usage statistics are stored locally and not transmitted
- No conversation data is stored permanently
How We Use Your Information
We use collected information to:
- Provide and maintain our services
- Process transactions
- Send marketing communications
- Analyze service usage
- Improve user experience
- Comply with legal obligations
- Contact you about products, services, and promotions
- Prevent fraud and ensure security
Browser Extension
Data collected by the browser extension is used solely for:
- Protecting your sensitive information using Privacy Twins technology
- Encoding/decoding messages in real-time
- Maintaining extension functionality
Extension data is NOT used for:
- Marketing communications
- Analytics or tracking
- Third-party advertising
PrivacyPal Browser Extension
When you use the PrivacyPal browser extension, the following applies:
Data Collection by the Extension
The PrivacyPal browser extension collects and processes the following data:
1. Conversation Data (Temporary Processing Only)
- The extension intercepts messages you send to ChatGPT (chatgpt.com) and Claude.ai (claude.ai)
- Only messages containing potentially sensitive information (PII) are processed
- Your original messages are analyzed to identify sensitive data
- Original data is replaced with Privacy Twins (synthetic data) before being sent to AI services
- Your original data is NOT stored by PrivacyPal - it is only processed in real-time for encoding/decoding
- Processing occurs through your configured PrivacyPal API endpoint (see "User Control" below)
2. Configuration Data (Stored Locally Only)
- API endpoint URL (stored in Chrome's local storage on your device)
- API authentication token (stored in Chrome's encrypted local storage)
- Extension settings and preferences (on/off, protection level)
- Protection statistics (number of requests intercepted, last interception time)
- All configuration data remains on your device and is not transmitted to PrivacyPal servers
3. Usage Statistics (Stored Locally Only)
- Number of requests intercepted
- Last interception timestamp
- Platform detection (ChatGPT vs Claude)
- These statistics are stored locally in your browser and are NOT transmitted
How Your Data is Processed
Privacy Twins Technology
- PrivacyPal uses Privacy Twins (synthetic data) technology to protect your sensitive information
- Your original sensitive data (names, addresses, SSNs, etc.) is replaced with realistic synthetic alternatives
- Only the synthetic Privacy Twins are sent to AI services (ChatGPT/Claude)
- AI responses are automatically decoded to restore your original information
- Your original data never reaches AI services
Data Transmission
- Conversation data is transmitted ONLY to your configured PrivacyPal API endpoint
- No data is sent to third parties
- No analytics or tracking data is collected
- If you use the default endpoint (api.privacypal.ai), data is sent to PrivacyPal servers for processing
- If you configure a self-hosted endpoint, data is sent only to your own server
Data Storage
- All configuration and statistics are stored locally in your browser
- No conversation data is stored permanently
- Original user data is never stored - only Privacy Twins are sent to AI services
- You can delete all extension data at any time by uninstalling the extension
User Control
API Endpoint Configuration
- You have full control over where your data is processed
- You can configure the extension to use api.privacypal.ai (default) or your own self-hosted PrivacyPal instance
- If you use a self-hosted instance, your data never reaches PrivacyPal servers
- Configuration is stored locally and can be changed at any time
Data Access and Deletion
- All extension data is stored locally in your browser
- You can view and modify configuration through the extension's settings panel
- You can delete all extension data by uninstalling the extension
- Uninstalling the extension removes all locally stored data
Third-Party Sharing
The PrivacyPal browser extension does NOT share your data with third parties.
Unlike our website services (which may share data with service providers as described in other sections of this policy), the browser extension:
- Does not send data to third-party advertisers
- Does not share data with service providers (except your configured API endpoint)
- Does not collect analytics or tracking data
- Does not use cookies for tracking
Children's Privacy
The browser extension is not intended for children under 13. We do not knowingly collect information from users under 13 through the extension.
Changes to This Section
If we make material changes to how the browser extension collects or uses data, we will update this section and notify users through the extension or our website.
Marketing Communications
By providing your information to PrivacyPal, you expressly consent to receive marketing, sales, and customer support communications through various channels including email, phone, and text messages. You acknowledge that such communications may include promotional content, product updates, and special offers.
Note: Data collected by the PrivacyPal browser extension is NOT used for marketing communications. The extension data is used solely for the core privacy protection functionality as described in the "PrivacyPal Browser Extension" section above.
Information Sharing
We may share your information with:
- Service providers and business partners
- Legal authorities when required by law
- Affiliated companies
- Third-party advertisers
- Potential buyers during a business transaction
Browser Extension Exception
Data collected by the PrivacyPal browser extension is NOT shared with:
- Third-party advertisers
- Marketing partners
- Analytics services
Extension data is only sent to your configured PrivacyPal API endpoint (which you control). See the "PrivacyPal Browser Extension" section above for complete details.
Your Rights
You have the right to:
- Access your personal information
- Correct inaccurate data
- Request deletion of your data
- Opt-out of marketing communications
- Request data portability
Data Security
We implement reasonable security measures to protect your information. However, no method of transmission over the internet is 100% secure.
Browser Extension Data Storage
The PrivacyPal browser extension stores data locally in your browser:
- All extension configuration data is stored locally in Chrome's encrypted storage
- Conversation data is processed in real-time and not stored
- Statistics are stored locally and never transmitted
- You can delete all extension data by uninstalling the extension
- API authentication tokens are stored in Chrome's encrypted local storage for security
Cookies
We use cookies and similar technologies to:
- Remember your preferences
- Analyze site traffic
- Personalize content
- Enable certain site functionalities
Children's Privacy
Our services, including the PrivacyPal browser extension, are not directed to children under 13. We do not knowingly collect information from children under 13 through our website or browser extension.
Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes through our website or other communication channels.