Privacy Policy

Effective Date: March 15, 2026

Chrome Extension Data Processing

🔒 Your Privacy is Our Priority

The AegisPrompt Chrome extension operates entirely within your browser and processes data locally. No chat contents, personal information, or detected patterns are transmitted to our servers. All sensitive data detection happens locally on your device.

Chrome Permissions

  • activeTab: To read content on AI chat websites for real-time protection
  • storage: To save your privacy settings locally in Chrome
  • scripting: To inject privacy protection scripts into AI websites
  • notifications: To show privacy alerts and subscription reminders

Information We Collect

Extension Data (Stored Locally)

  • Warning counts and installation date
  • Subscription status and preferences
  • Site-specific privacy settings

Authentication Data

  • Email Address: Collected via Auth0 for company authentication
  • Company Information: Company name and domain for access validation
  • Authentication Token: Temporary JWT tokens stored locally and validated with our servers
  • User Metadata: Role and permissions within your company account

Important: Authentication tokens are encrypted and stored locally. They are only transmitted to our secure backend for validation.

Backend Validation

To validate company access, we transmit:

  • Email address: To match you with your company account
  • Authentication token: For secure validation (JWT)
  • Extension version: For compatibility checking
  • Company ID: For seat and subscription management

We never transmit or store:

  • ❌ Your chat messages or conversations
  • ❌ Detected sensitive data (emails, credit cards, API keys, etc.)
  • ❌ Content you type in AI platforms
  • ❌ Browsing history or activity

All sensitive data detection happens 100% locally in your browser.

⚠️ Important: No Content Transmission

The extension never stores or transmits any text content you type or sensitive data it detects. All processing happens locally in your browser.

Service Plans

Starter Plan ($99/month)

  • Up to 25 employees
  • Sensitive data detection
  • ChatGPT, Claude, Gemini & Copilot support
  • Real-time blocking & warnings
  • Admin dashboard
  • Email support

Professional Plan ($199/month)

  • Up to 100 employees
  • Everything in Starter
  • Priority email support
  • Up to 25 custom company terms

Business Plan ($399/month)

  • Up to 500 employees
  • Everything in Professional
  • Dedicated email support
  • Up to 25 custom company terms

All plans include a 30-day free trial with no credit card required.

How We Use Your Information

  • To provide real-time privacy protection on AI platforms
  • To remember your privacy preferences and settings
  • To manage your company account and team members
  • To enforce subscription and seat limits
  • To provide customer support and respond to inquiries
  • To analyze usage patterns and improve our service

Subscription and Payment Data

Subscription Information

  • Subscription Status: Active, trialing, cancelled, or expired status
  • Plan Type: Starter, Professional, or Business
  • License Validation: Periodic validation with our servers for active subscriptions
  • Trial Tracking: 30-day trial period and expiration date
  • Team Management: Employee email addresses and seat usage within your company

Payment Processing

We use Stripe for subscription billing and payment processing. We do not store complete payment information on our servers.

  • Billing Information: Processed securely by Stripe
  • Transaction Records: Stored for billing, tax, and legal compliance
  • Subscription Management: Automated renewal and cancellation handling

Data Sharing and Disclosure

We will not sell or rent your personal information. We may share data with service providers solely to operate our services.

Service Providers:

  • Chrome Web Store: Extension distribution and updates
  • Stripe: Subscription billing and payment processing
  • Auth0 (Okta): Secure company login and identity management
  • Google Cloud / Firebase: Company and employee data storage
  • Heroku (Salesforce): Secure backend infrastructure
  • Google Workspace: Email communications and support

Cookies and Tracking

We use cookies and tracking technologies for website preferences and analytics. You can control cookie preferences through your browser settings. The extension does not use cookies or cross-site tracking.

Data Security

🛡️ Security Measures

  • Local Processing: Sensitive data never leaves your device
  • Encrypted Transmission: All web communications use HTTPS
  • Chrome Security: Built-in encryption for stored preferences
  • JWT Authentication: Secure token-based company access validation
  • Limited Access: Minimal data collection and storage

However, no method of internet transmission or storage is 100% secure.

Data Retention

  • Email addresses: Until you request deletion or your company account is closed
  • Company data: Until the company account is closed
  • Subscription data: For billing periods and tax compliance as legally required
  • Payment records: Retained per legal and accounting requirements
  • Extension preferences: Until you uninstall the extension
  • Text content and detected patterns: Never stored
  • Authentication tokens: Expire automatically, refreshed as needed

Children's Privacy

Our website and extension are not intended for children under 13. We do not knowingly collect personal data from minors.

Your Rights

Depending on your jurisdiction, you may have rights to access, correct, or delete your personal information.

Your Rights Include:

  • Access: Request a copy of your data
  • Correction: Update incorrect information
  • Deletion: Request removal of your data
  • Portability: Request your data in a portable format
  • Extension Control: Disable or uninstall at any time

GDPR Compliance (EU Users)

If you are located in the European Union, you have additional rights under GDPR including data portability, right to be forgotten, and right to restrict processing. Contact us to exercise these rights.

International Users

If you are located outside the U.S., your data may be transferred to and processed in the U.S., which may have different data protection laws.

Changes to This Policy

We may update this Privacy Policy and will post the revised version with a new effective date. Continued use of our services after changes constitutes acceptance of the updated policy.

Contact Information

For privacy concerns or data requests, please contact: support@aegisprompt.ai

Response Time: We aim to respond within 48 hours.

Disclaimer: This privacy policy is provided for informational purposes and is not legal advice. You should consult a qualified attorney to ensure compliance with applicable laws and regulations.