Privacy Policy

Privacy Policy for Content Compass AI

Effective Date: April 4, 2025

1. Introduction

Welcome to Content Compass AI! This Privacy Policy explains how [Your Name/Company Name] ("we," "us," or "our") collects, uses, and discloses information about users ("you") of our Content Compass AI Chrome Extension (the "Extension"). By installing or using the Extension, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following types of information:

  • Account Information: When you sign up, we collect your email address and a hashed password (managed securely by our backend provider, Supabase). We also store your unique User ID.
  • Subscription Information: If you subscribe to a paid plan, our payment processor, Stripe, will collect your payment information (e.g., credit card details). We do not store your full payment card details. We receive and store your Stripe Customer ID, Subscription ID, current plan details, and billing cycle information from Stripe to manage your account.
  • Google Account Data: To provide the core functionality of creating Google Forms, we use Google Sign-In (via chrome.identity) to authenticate you and request your authorization to access specific Google APIs (Google Forms API, Google Drive API) based on the permissions you grant (forms.body, drive.file scopes). We store the necessary OAuth tokens securely to make these API calls on your behalf. We only interact with Forms and Drive as needed to create and manage the surveys generated by the Extension.
  • YouTube Video Information: When you use the Extension on a YouTube video page, we collect the video URL and retrieve publicly available metadata (like title, description) using YouTube APIs (e.g., oEmbed). If you use features involving comment analysis (when available), we may also process publicly available comments from the specified video.
  • Survey & Usage Data: We store the surveys you create, including the AI-generated questions and your edits. We store metadata linking your account to the videos you process and the forms created. We also track usage data associated with your plan limits (e.g., number of surveys generated/credits used).
  • AI Processing Data: To generate survey questions, we send relevant video metadata (title, description) and potentially comment text to AI services (like Google Gemini).
  • Technical/Error Data: We may store anonymized error logs locally using Chrome Storage to help diagnose and fix technical issues.

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide and operate the Extension's core functionality (user login, AI survey generation, Google Forms integration, history).
  • To manage your account and subscription status (process payments via Stripe, enforce plan limits).
  • To communicate with you (e.g., account updates, support).
  • To improve the Extension (analyze usage patterns, fix errors).
  • To comply with legal obligations.

Google API Services User Data Policy and Limited Use

Our use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Information accessed via the Google Forms API (https://www.googleapis.com/auth/forms.body scope) and Google Drive API (https://www.googleapis.com/auth/drive.file scope) is used solely for the following user-facing purposes within the ContentCompass AI Chrome Extension:

  • Authenticating your Google Account using Google Sign-In.
  • Creating new Google Forms documents in your Google account based on your instructions and actions within the Extension.
  • Saving the created Google Form documents directly into your Google Drive using the permissions granted.

Data obtained via these scopes will not be used for any other purpose, such as developing, improving, or marketing other services, nor will it be sold or used for serving advertisements. Furthermore, data obtained from Google APIs is explicitly not used to develop, improve, or train generalized AI and/or ML models.

4. How We Share Your Information

We do not sell your personal information. We may share information with the following third-party service providers who help us operate the Extension:

  • Supabase: Our backend infrastructure provider (handles authentication, database storage).
  • Stripe: Our payment processor for handling subscriptions. Payment details are sent directly to Stripe.
  • Google: To provide Google Sign-In and interact with Google Forms/Drive APIs based on your authorization.
  • Google Cloud / Gemini: The AI service used for generating survey questions. Video metadata/comments are sent for processing.

We only share information necessary for these providers to perform their services. We may also disclose information if required by law.

Sharing of Google User Data

We do not share any personal information or data obtained via Google APIs (including Google Forms content, Google Drive file content or metadata created by the Extension, or Google account information like your email address) with any third parties, except as strictly necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests, or to protect the rights, property, or safety of ContentCompass AI, our users, or the public as required or permitted by law.

5. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your information from unauthorized access, use, or disclosure. However, no internet transmission is completely secure. Authentication is handled by Supabase Auth, and payment processing by Stripe.

6. Data Retention

We retain your account information and survey data as long as your account is active or as needed to provide the service and comply with legal obligations. We will delete your data upon request or account closure, subject to necessary retention for legal or operational purposes.

Data Storage, Security, Retention, and Deletion (Google Data)

  • OAuth Tokens: We securely store OAuth 2.0 access and refresh tokens provided by Google Sign-In within the Chrome Extension's secure local storage on your device. These tokens are necessary to maintain your session and make authorized API calls to Google Forms and Google Drive on your behalf. These tokens are stored until they expire, are revoked by you (via your Google Account security settings), or you uninstall the Extension.
  • Google Forms and Drive Content: We do not store the generated Google Forms or Google Drive files on our servers. When a form is created using the Google Forms API (forms.body scope), we utilize the Google Drive API (drive.file scope) solely to initiate the saving of the resulting Google Form document directly within your own Google Drive associated with your authenticated Google Account. The storage and management of these documents are subject to your Google Drive settings and Google's terms.
  • Data Deletion: You can revoke the Extension's access to your Google Account at any time via your Google Account security settings (https://myaccount.google.com/permissions). Uninstalling the Extension will remove locally stored OAuth tokens.

7. User Rights

Depending on your location, you may have rights regarding your personal data (e.g., access, correction, deletion under GDPR/CCPA). You can manage your basic account information via the Extension. You can manage your subscription via the Stripe Customer Portal. For other requests or deletion, please contact us at support@contentcompassai.com.

8. Use of Cookies / Local Storage

The Extension uses chrome.storage.local to store essential data like settings, session information, and potentially error logs directly on your device. We do not use tracking cookies for advertising within the extension itself.

9. Children's Privacy

The Extension is not intended for use by children under the age of 16. We do not knowingly collect personal information from children.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We take steps to ensure data is protected according to this policy and applicable laws.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on our website (contentcompassai.com/privacy) or through the Extension. Your continued use after changes constitutes acceptance.

Return to Home