Privacy Policy

Last Updated: November 28, 2025

Effective Date: December 10, 2025

Version 1.0

Our Commitment to Your Privacy

At DocuMentor AI, we believe in transparency and putting you in control of your data. This Privacy Policy explains how the DocuMentor AI Chrome Extension ("Extension", "we", "us", or "our") collects, uses, and protects your information. By using our Extension, you agree to the practices described in this policy.

Table of Contents

  1. What Data We Collect
  2. How We Use Your Data
  3. How We Store Your Data
  4. Third-Party Services
  5. Your Privacy Choices
  6. Data Retention
  7. Security
  8. Children's Privacy
  9. Changes to This Policy
  10. Contact Us

1. What Data We Collect

1.1 Data Stored Locally (Always)

The following data is stored locally on your device using Chrome's encrypted storage and syncs across your Chrome browsers via Chrome Sync:

  • User Profile: Your name (optional), role (e.g., developer, student), years of experience, and custom role if specified
  • Skills & Knowledge: Technical skills you've added, their proficiency levels, categories, and usage statistics
  • Learning Goals: Goals you've set, related skills, progress tracking, and completion status
  • Learning Preferences: Your preferred learning style (visual, reading, hands-on, or mixed)
  • Content You Create: Cheat sheets you generate and save
  • Privacy Consent: Your consent preferences for analytics and feedback collection
  • Anonymous Device ID: A randomly generated identifier (UUID) unique to your browser/device, used for anonymous analytics. This ID does not contain any personal information and is stored locally on your device.

1.2 Data Sent to Servers (Only With Your Consent)

We only send data to our servers if you explicitly opt in during onboarding or in Settings. You can revoke consent at any time.

Anonymous Usage Analytics (Opt-In)

If you enable analytics, we collect:

  • Device identifier: A randomly generated anonymous ID unique to your browser (for unauthenticated users) or your user account ID (for authenticated users)
  • Feature usage timestamps (when you use Quick Scan, Deep Analysis, etc.)
  • AI provider type used (e.g., Chrome AI, DocuMentor AI)
  • Action types (e.g., scan started, scan completed, scan abandoned)
  • Feature metadata (e.g., which features you use most often)

What we DO NOT collect in analytics: Your name, email (unless you provide it for feedback follow-up), IP address, browsing history, page URLs, page content, or any personally identifiable information.

Anonymous vs. Authenticated Analytics:

  • Unauthenticated users (using Chrome's built-in AI): Analytics are associated with an anonymous device ID that cannot be linked to your identity
  • Authenticated users (using cloud AI providers): Analytics are associated with your user account for a personalized experience

Feedback Collection (Opt-In)

If you enable feedback collection, we collect:

  • Device/User identifier: Anonymous device ID (unauthenticated) or user account ID (authenticated)
  • Feedback ratings (thumbs up/down) on specific features
  • Optional text comments you choose to provide
  • Optional email address: Only if you check "I'd like a response to this feedback" and explicitly provide your email
  • AI provider type associated with the feedback
  • Timestamp of feedback submission

Email addresses are only collected when you:

  1. Provide negative feedback with comments
  2. Check the "I'd like a response to this feedback" box
  3. Explicitly provide your email address

1.3 Authentication Data (Optional)

If you choose to sign in with Auth0 for cloud features:

  • Email address
  • Name
  • Profile picture URL
  • Authentication tokens (stored locally, never logged)

2. How We Use Your Data

We use your data to:

  • Personalize Your Experience: Adapt AI responses based on your skill level, learning goals, and preferences
  • Provide Core Features: Enable documentation analysis, concept explanations, cheat sheet generation, and personalized recommendations
  • Sync Across Devices: Keep your persona data synchronized across your Chrome browsers via Chrome Sync
  • Improve Our Product (With Consent): Analyze anonymous usage patterns to understand feature adoption and improve user experience
  • Respond to Feedback (With Consent): Review your feedback to identify areas for improvement
  • Authenticate Cloud Services (If You Sign In): Verify your identity for optional cloud features and cross-device sync

3. How We Store Your Data

Local Storage (Primary)

All persona data is stored locally on your device using:

  • Chrome Storage Sync: Encrypted storage that syncs across your Chrome browsers (up to 100KB per extension)
  • Chrome Storage Local: Fallback storage if sync quota is exceeded

Chrome automatically encrypts all stored data and only you can access it through your Chrome browser.

Cloud Storage (Optional - With Consent)

If you opt in to analytics or feedback:

  • Location: Data is stored on secure servers hosted by our cloud provider
  • Encryption: Data is encrypted in transit (HTTPS/TLS) and at rest
  • Access Control: Only authorized team members can access anonymized analytics data

4. Third-Party Services

DocuMentor AI integrates with the following third-party services:

4.1 AI Providers (Default if Not Signed In)

  • Chrome Built-in AI (Gemini Nano): Runs locally on your device, no data sent to Google servers. See Chrome AI Privacy

4.2 Authentication (Optional)

4.3 YouTube Data API (Optional)

  • YouTube API: If you provide a YouTube API key, we fetch recommended videos based on documentation topics. See Google Privacy Policy
  • API Key Usage: If you are not signed in to our backend, you can optionally provide your own YouTube API key, which is stored locally in the extension and used directly from your browser. If you are signed in, we use our own backend YouTube API key to fetch recommendations instead, and we do not require or use your personal YouTube API key.

We do not share your personal data with third parties for marketing purposes. Integrations listed above are for functionality only and occur when you explicitly configure and use those services.

5. Your Privacy Choices

You have complete control over your data:

5.1 Opt-In/Opt-Out of Data Collection

  • During Onboarding: You can choose whether to enable analytics and feedback collection during setup
  • In Settings: Go to Settings → Privacy & Data to toggle analytics and feedback collection on/off at any time
  • Default: Both analytics and feedback are disabled by default - you must explicitly opt in

5.2 Access Your Data

  • View: All your persona data is visible in Settings → User Profile
  • Export: Download your complete persona data as a JSON file from Settings → Data & Privacy

5.3 Delete Your Data

  • Local Data: Settings → Data & Privacy → Delete All Persona Data
  • Queued Analytics: Settings → Privacy & Data → Revoke All Consent & Clear Data
  • Extension Removal: Uninstalling the extension removes all local data
  • Request Deletion from Servers: Email us at [email protected] to request deletion of any analytics/feedback data we've collected

5.4 Revoke Consent

You can revoke all consent at any time:

  • Go to Settings → Privacy & Data
  • Click "Revoke All Consent & Clear Data"
  • This will disable analytics and feedback, and delete any queued data waiting to be sent

6. Data Retention

  • Local Data: Stored on your device indefinitely until you delete it or uninstall the extension
  • Anonymous Analytics: Retained for up to 24 months for product improvement purposes, then deleted
  • Feedback Data: Retained for up to 24 months, then deleted
  • Deleted Data: When you delete data, it is permanently removed within 30 days from our systems and backups

7. Security

We take security seriously and implement industry-standard practices:

  • Local Encryption: Chrome automatically encrypts all data stored via the chrome.storage API
  • Data in Transit: All data sent to our servers uses HTTPS/TLS encryption
  • Data at Rest: Server-side data is encrypted at rest
  • API Keys: Your YouTube API key is stored locally and never sent to our servers
  • Authentication: We use Auth0, an industry-leading identity platform, for secure authentication
  • Limited Access: Only authorized team members can access anonymized analytics data
  • No Logging of Sensitive Data: We do not log page URLs, page content, or API keys

However, no method of transmission or storage is 100% secure. If you discover a security vulnerability, please email us at [email protected].

8. Children's Privacy

DocuMentor AI is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected], and we will delete that information.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will increment the version number
  • For material changes, we will notify you via the extension (e.g., a banner or notification)
  • Your continued use of the extension after changes constitutes acceptance of the updated policy

If you disagree with changes, you can stop using the extension and delete your data.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Email: [email protected]

Subject Line: Privacy Policy Inquiry

Response Time: We aim to respond within 5 business days

Your Rights Under GDPR & CCPA

If you are a resident of the European Economic Area (EEA) or California, you have additional rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data (export feature available in Settings)
  • Right to Restrict Processing: Request we limit how we use your data
  • Right to Data Portability: Receive your data in a portable format (JSON export available)
  • Right to Object: Object to our processing of your data (you can opt out of analytics anytime)
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, email us at [email protected] with your request.

In Summary

  • Your data is stored locally on your device by default
  • We only collect analytics/feedback if you explicitly opt in
  • You can revoke consent and delete data anytime
  • We never sell your data or share it for marketing
  • AI processing happens locally by default (Chrome AI)