Home · Create account · Data & privacy FAQ

Privacy Policy

Version 1.0.0 · Effective March 16, 2026

1. Introduction

Idiosync ("we," "us," or "our") provides tools to improve prompts and highlight potentially sensitive information before you share content with third-party AI services. This Privacy Policy describes how we collect, use, store, and share information when you use our website, Chrome extension, and related services (collectively, the "Services").

By creating an account, you agree that you have read this Privacy Policy and consent to the practices described here. If you do not agree, do not use the Services or create an account.

2. Information we collect

  • Account data: Email address, password (stored securely by our authentication provider), name or display information you provide, and profile settings.
  • Prompts and usage: Text you submit for analysis, improvement, or variant generation; metadata such as timestamps, feature used, and approximate usage counts.
  • PII detection & preferences: We may process your text to flag information that could identify individuals (e.g., names, emails). You may mark specific terms as "not personal information" so we can store those preferences and reduce false positives.
  • Extension / device: If you use our extension without signing in, we may use a locally generated device identifier to provide basic functionality; when you sign in, we associate activity with your account where applicable.
  • Technical data: IP address, browser type, device type, and similar logs used for security, debugging, and service improvement.
  • Payment (if applicable): Billing details are processed by our payment processors; we do not store full payment card numbers on our servers.

3. How we use information

  • To provide, maintain, and improve the Services (including AI-assisted features).
  • To authenticate you, enforce limits, and prevent abuse.
  • To personalize suggestions and variants based on your settings and (where enabled) your history.
  • To communicate with you about the Services, security, or policy updates.
  • To comply with law and protect rights, safety, and integrity of users and the Services.

4. How we store and protect data

We use reputable infrastructure providers (including Supabase for authentication and database services) with industry-standard safeguards. No method of transmission or storage is 100% secure; we work to protect your information but cannot guarantee absolute security.

Certain product features store redacted or processed versions of prompts where designed to reduce retention of raw sensitive content. Other features may store original prompt text (for example, in session history) to provide continuity—see your account settings and in-product notices where available.

5. Sharing of information

We may share information with:

  • Service providers who assist us (e.g., hosting, auth, AI APIs, analytics, email)—bound by contractual obligations.
  • Legal and safety: When required by law, legal process, or to protect Idiosync, users, or the public.
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with notice where required.

We do not sell your personal information as "sale" is defined under applicable U.S. state laws.

6. International users

If you access the Services from outside the United States, your information may be processed in the United States or other countries where we or our providers operate. Those jurisdictions may have different data protection laws than your home country.

7. Retention

We retain information for as long as your account is active and as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. You may request deletion of your account subject to applicable law and legitimate business needs (e.g., backups, financial records).

8. Your rights and choices

Depending on where you live, you may have rights to:

  • Access, correct, or delete certain personal information.
  • Object to or restrict certain processing.
  • Withdraw consent where processing is consent-based.
  • Lodge a complaint with a supervisory authority (EEA/UK users).

To exercise these rights, contact us using the information below. We may verify your identity before responding.

9. Children

The Services are not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have, please contact us and we will take appropriate steps.

10. Third-party AI services

When you copy improved prompts into external AI tools, those services are governed by their own terms and privacy policies. We encourage you to review them before sharing content.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version with a new effective date and, where required, notify you (e.g., by email or in-product notice). Continued use after changes constitutes acceptance of the updated policy, except where prohibited by law.

12. Contact

For privacy questions or requests, contact: casey@idiosycai.com

This policy is provided as a draft template. Have qualified legal counsel review it before relying on it for compliance.