CTRL KAI Chrome Extension Privacy Policy

Your privacy is important to us. This policy explains what information our CtrlKAI Chrome Extension collects, how we use it, and where it's stored.

1. Information We Collect

Information You Provide Directly:

• Email Address: When you create an account, we collect your email address for login, account verification, and password reset purposes.
• Password: We store a securely hashed version of your password. We never store your actual password in plain text.
• Feedback: If you send us feedback, we collect the content of your feedback and your user ID (if authenticated).
• Subscription & Payment Information: If you purchase a subscription or permanent credits, we use Stripe for payment processing. We do not directly store your credit card details. We store a Stripe customer ID and subscription details (like your current tier and subscription end date).

Information Collected Automatically:

• Interaction Data: We track your token usage for LLM requests to estimate costs and manage your subscription tier. We do NOT store the content of your messages or AI responses on our backend server.

Webpage Content:

• When you use the extension to query an LLM about webpage content or selected text, this content is sent to our backend and then to the LLM model to generate your answer. We do not store this content on our backend server. It is processed in real-time and discarded after the response is generated.

2. How We Store Your Information

Locally on Your Device (Chrome Storage):

The following data is stored directly within your Chrome browser's local storage. This information is accessible only by the extension and is NOT sent to our servers:

• Your Settings: This includes your preferred font size, custom system prompts for the AI, and the last LLM model you used.
• Conversation History: Your chat conversations are stored locally per webpage. You can toggle this feature on or off in the settings.
• Theme Preference: Your choice of light or dark mode.
• Popup State: The last position and size of the AI popup on your screen.

On Our Backend Database:

The following data is securely stored on our backend server. This data is essential for managing your account, subscriptions, and providing the service:

• User Accounts: Your user ID, email, securely hashed password, current subscription tier, total tokens, email verification status, and account creation/last login timestamps.
• Subscription Details: Your Stripe customer ID, current subscription status, and subscription end date.
• Token Balances: Your current token balance, including any permanent credits purchased.
• Password Reset Tokens: Temporary tokens generated for password reset requests.
• User Feedback: Any feedback you submit through the extension.

Crucially, we do NOT store the content of your AI queries or the LLM's responses on our backend database. The conversation history is stored locally only, in your browser.

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain the CtrlKAI extension's functionality.
• Manage your user account and authenticate your access.
• Process your subscriptions and assess your LLM token usage.

4. Data Sharing

We do not sell or transfer your user data to third parties, except as required to provide the service (for example, sharing necessary information with Stripe for payment processing, or with LLM providers to generate AI responses). We do not store your prompt content on our servers.

If you use the free tier of the Mistral LLM, please note that Mistral's terms allow them to use anonymized API calls (including your prompts and responses) for the purpose of training and improving their models. This data is not linked to your identity and is handled according to Mistral's privacy policy.

We do not use or transfer user data for purposes unrelated to the extension's purpose.

We do not use or transfer user data to determine creditworthiness or for lending purposes.

We do not use or transfer user data for advertising purposes.

We do not use or transfer user data for any other purpose.

5. Security

We implement a multi-layered security architecture to protect your data.

6. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last updated" date.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us through the feedback box inside the Settings (Options page) of the extension.

Last updated: September 11, 2025