Privacy Policy

1. Introduction

Welcome to Content Compass AI! This Privacy Policy explains how [Your Name/Company Name] ("we," "us," or "our") collects, uses, and discloses information about users ("you") of our Content Compass AI Chrome Extension (the "Extension"). By installing or using the Extension, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following types of information:

• Account Information: When you sign up, we collect your email address and a hashed password (managed securely by our backend provider, Supabase). We also store your unique User ID.
• Subscription Information: If you subscribe to a paid plan, our payment processor, Stripe, will collect your payment information (e.g., credit card details). We do not store your full payment card details. We receive and store your Stripe Customer ID, Subscription ID, current plan details, and billing cycle information from Stripe to manage your account.
• Google Account Data: To provide the core functionality of creating Google Forms, we use Google Sign-In (via chrome.identity) to authenticate you and request your authorization to access specific Google APIs (Google Forms API, Google Drive API) based on the permissions you grant (forms.body, drive.file scopes). We store the necessary OAuth tokens securely to make these API calls on your behalf. We only interact with Forms and Drive as needed to create and manage the surveys generated by the Extension.
• YouTube Video Information: When you use the Extension on a YouTube video page, we collect the video URL and retrieve publicly available metadata (like title, description) using YouTube APIs (e.g., oEmbed). If you use features involving comment analysis (when available), we may also process publicly available comments from the specified video.
• Survey & Usage Data: We store the surveys you create, including the AI-generated questions and your edits. We store metadata linking your account to the videos you process and the forms created. We also track usage data associated with your plan limits (e.g., number of surveys generated/credits used).
• AI Processing Data: To generate survey questions, we send relevant video metadata (title, description) and potentially comment text to AI services (like Google Gemini).
• Technical/Error Data: We may store anonymized error logs locally using Chrome Storage to help diagnose and fix technical issues.

3. How We Use Your Information

We use the collected information for the following purposes:

• To provide and operate the Extension's core functionality (user login, AI survey generation, Google Forms integration, history).
• To manage your account and subscription status (process payments via Stripe, enforce plan limits).
• To communicate with you (e.g., account updates, support).
• To improve the Extension (analyze usage patterns, fix errors).
• To comply with legal obligations.

4. How We Share Your Information

We do not sell your personal information. We may share information with the following third-party service providers who help us operate the Extension:

• Supabase: Our backend infrastructure provider (handles authentication, database storage).
• Stripe: Our payment processor for handling subscriptions. Payment details are sent directly to Stripe.
• Google: To provide Google Sign-In and interact with Google Forms/Drive APIs based on your authorization.
• Google Cloud / Gemini: The AI service used for generating survey questions. Video metadata/comments are sent for processing.

We only share information necessary for these providers to perform their services. We may also disclose information if required by law.

5. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your information from unauthorized access, use, or disclosure. However, no internet transmission is completely secure. Authentication is handled by Supabase Auth, and payment processing by Stripe.

6. Data Retention

We retain your account information and survey data as long as your account is active or as needed to provide the service and comply with legal obligations. We will delete your data upon request or account closure, subject to necessary retention for legal or operational purposes.

7. User Rights

Depending on your location, you may have rights regarding your personal data (e.g., access, correction, deletion under GDPR/CCPA). You can manage your basic account information via the Extension. You can manage your subscription via the Stripe Customer Portal. For other requests or deletion, please contact us at support@contentcompassai.com.

8. Use of Cookies / Local Storage

The Extension uses chrome.storage.local to store essential data like settings, session information, and potentially error logs directly on your device. We do not use tracking cookies for advertising within the extension itself.

9. Children's Privacy

The Extension is not intended for use by children under the age of 16. We do not knowingly collect personal information from children.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We take steps to ensure data is protected according to this policy and applicable laws.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on our website (contentcompassai.com/privacy) or through the Extension. Your continued use after changes constitutes acceptance.