Privacy Policy

1. Introduction

This Privacy Policy describes how Readers ("we," "our," or "us") collects, uses, and protects your information when you use our Chrome extension. We are committed to protecting your privacy and being transparent about our data practices.

Readers is a Chrome extension that enables you to ask questions about web page content using voice commands and receive AI-powered spoken responses through OpenAI's services including Whisper (speech-to-text), ChatGPT (text processing), and text-to-speech capabilities.

2. Information We Collect

Audio and Voice Data

• Voice Recordings: When you use the microphone feature, we temporarily process your audio to convert speech to text using OpenAI's Whisper API. Audio is not permanently stored by us.
• Transcribed Text: The text version of your voice queries is processed to generate responses and may be stored in our database for conversation history and to improve service quality.

Conversation Data

• Questions and Responses: We store your questions and the AI-generated responses in our database to maintain conversation history and improve service quality.
• Page Context: Content from the web page you're viewing is temporarily processed to provide contextual answers but is not permanently stored.
• Session Information: Conversation sessions are tracked with anonymous session IDs to group related interactions.

Technical and Usage Information

• Anonymous User ID: A randomly generated UUID stored locally to track usage patterns without identifying you personally.
• Device and Browser Information: Basic technical details like browser type and user agent string for service optimization.
• Extension Usage: Information about how you interact with the extension features and any errors that occur.

Premium Services and Billing Information

• Email Address: For premium subscribers, we collect email addresses for billing, account management, and service communications
• Payment Information: Payment processing is handled by third-party providers; we may store billing history and subscription status
• Account Preferences: Premium service settings and feature preferences

Information We Do NOT Collect (Free Users)

• Personal identifying information unless you voluntarily provide it or subscribe to premium services
• Your complete browsing history or activity outside of direct extension usage
• Passwords or sensitive credentials (payment processing handled by third parties)
• Permanent copies of web page content beyond what's needed for immediate query processing

3. How We Use Your Information

We use the collected information for the following purposes:

• Voice Processing: To convert your speech to text using OpenAI's Whisper API
• AI Response Generation: To process your questions and generate relevant answers using OpenAI's ChatGPT
• Text-to-Speech: To convert AI responses back to spoken audio for playback
• Conversation History: To maintain a record of your interactions for easy reference within sessions
• Service Improvement: To analyze usage patterns and improve extension functionality
• Technical Support: To diagnose and resolve technical issues you may encounter
• Feature Development: To develop new features and enhance existing capabilities
• Account Management: For premium users, to manage subscriptions, billing, and account preferences
• Communications: To send service updates, feature announcements, and billing notifications to premium users
• Analytics and Research: To understand user behavior, improve our services, and develop new products
• Business Development: To explore partnerships and potential monetization opportunities that may benefit our users

4. Third-Party Services and Data Sharing

Readers integrates with third-party services to provide its functionality. Here's how your data is shared:

OpenAI Services

• Speech-to-Text: Audio recordings are sent to OpenAI's Whisper API for transcription
• AI Processing: Your questions and page context are sent to OpenAI's ChatGPT API for response generation
• Text-to-Speech: AI responses are converted to audio using OpenAI's TTS service
• OpenAI's data usage policies apply to information processed through their services

Supabase Database

• Conversation Storage: Your conversations are stored in our Supabase database for history and analytics
• User Analytics: Anonymous usage statistics and session data are maintained
• Data is stored securely with encryption and access controls

Payment Processing

• Billing Services: For premium subscriptions, payment processing through trusted third-party providers
• Email Services: For premium users, email communications through service providers
• Payment processors handle sensitive financial data according to PCI DSS standards

Data Sharing and Monetization

We are committed to transparency about how we may share your data:

• Aggregated Analytics: We may share anonymized, aggregated usage statistics with partners or third parties
• Research Partnerships: Anonymized data may be used for academic or industry research purposes
• Business Partnerships: We may explore partnerships that could involve sharing anonymized or aggregated data to improve services
• Future Monetization: We reserve the right to explore additional revenue models that may involve data sharing, always with appropriate user consent and privacy protections

Data Sharing Limitations

Important protections for your data:

• No Sale of Personal Data: We do not currently sell personally identifiable information
• Consent Required: Any future changes to data sharing practices will require clear user consent
• Opt-out Options: Users will always have options to limit or prevent data sharing
• Legal Requirements: We may share data when required by law or to protect our rights and safety
• Business Transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred
• Safety and Security: To prevent abuse, fraud, or security threats

5. Data Storage and Security

We implement appropriate security measures to protect your information:

Local Storage

• Anonymous ID: A random UUID is stored locally in your browser to track sessions
• Conversation ID: Session-based conversation identifiers are stored temporarily
• No Sensitive Data: No passwords or sensitive personal information is stored locally

Database Security

• Encryption: Data is encrypted in transit and at rest using industry-standard protocols
• Access Controls: Strict authentication and authorization controls limit data access
• Regular Audits: Security practices are regularly reviewed and updated
• Data Minimization: Only necessary data is collected and stored

Data Retention

• Free User Data: Conversation data stored indefinitely for service functionality unless deletion is requested
• Premium User Data: Account and billing information retained for the duration of subscription plus applicable legal retention periods
• Audio Data: Not permanently stored; processed in real-time only
• Analytics Data: Aggregated usage data may be retained indefinitely for business intelligence and service improvement
• Marketing Data: Email addresses and communication preferences retained until unsubscribe or account deletion

Note: No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

6. Chrome Extension Permissions

Readers requests specific Chrome permissions to function properly:

• Active Tab: To read content from the currently active web page for context
• Scripting: To inject content scripts that extract page information
• Storage: To save extension settings and conversation data locally

The extension also requires access to:

• Microphone: To capture your voice for speech-to-text conversion
• Supabase Backend API: For secure AI processing and data storage

These permissions are used solely for the extension's core functionality and are not used to collect unnecessary data.

7. Your Rights and Choices

You have the following rights regarding your data:

• Access: Request information about data we have collected associated with your anonymous ID or account
• Deletion: Request deletion of your conversation history and associated data
• Opt-out: Disable data collection entirely by uninstalling the extension
• Local Data Control: Clear locally stored data through Chrome's extension settings
• Microphone Access: Grant or revoke microphone permissions through Chrome's settings
• Marketing Communications: Unsubscribe from promotional emails at any time
• Data Sharing Preferences: Opt out of anonymized data sharing for research or business purposes

How to Exercise Your Rights

• Delete Local Data: Remove the extension or clear browser data
• Request Data Deletion: Contact us with your anonymous ID or email address
• Account Management: Premium users can manage preferences through their account settings
• Stop Data Collection: Uninstall the extension to immediately stop all data collection
• Data Portability: Request export of your data in a machine-readable format

To exercise these rights, please contact us using the information provided below.

8. Children's Privacy

Readers is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will delete such information promptly.

Parents and guardians should monitor their children's internet usage and extension installations.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own, including:

• OpenAI Services: Data processed through OpenAI's APIs may be handled in various locations
• Supabase Hosting: Database services may be hosted in different geographical regions
• Cloud Infrastructure: Supporting services may operate across multiple countries

We ensure that such transfers comply with applicable data protection laws and that appropriate safeguards are in place, including:

• Standard contractual clauses with service providers
• Adherence to privacy frameworks like Privacy Shield successors
• Regular assessment of data protection adequacy

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business model. We will notify you of any material changes by:

• Posting the updated Privacy Policy on this page
• Updating the "Last updated" date at the top of this policy
• Providing notice through the extension interface for significant changes
• Sending email notifications to premium users for major policy changes
• Requesting explicit consent for changes that expand data sharing or monetization practices

For significant changes that affect data sharing or monetization, we will:

• Provide at least 30 days advance notice
• Offer clear opt-out mechanisms
• Allow users to download their data before changes take effect
• Provide granular consent options where legally required

Your continued use of Readers after any changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

11. Third-Party Service Policies

Readers integrates with external services that have their own privacy policies. We encourage you to review these policies:

OpenAI

• Services Used: Whisper API (speech-to-text), ChatGPT API (text processing), Text-to-Speech API
• Privacy Policy: https://openai.com/privacy
• Data Usage: OpenAI may use data sent to their APIs to improve their services, subject to their privacy policy

Supabase

• Services Used: Database hosting and management
• Privacy Policy: https://supabase.com/privacy
• Data Handling: Supabase provides secure database infrastructure with encryption and access controls

Payment Processors (Premium Users)

• Services Used: Credit card processing, subscription management, billing
• Data Shared: Email, billing information, payment details
• Security: PCI DSS compliant payment processing

We select service partners based on their commitment to data protection and privacy standards. However, we are not responsible for the privacy practices of these third-party services.

Future Data Partnerships

We may enter into additional data partnerships in the future, which could include:

• Research Institutions: For studies on AI interaction and accessibility
• Technology Partners: To improve AI capabilities and user experience
• Analytics Providers: For enhanced usage insights and service optimization

Any such partnerships will be governed by strict data protection agreements and user consent requirements.