Privacy Policy

Last Updated: March 22, 2026

1. Introduction

GetAI ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and what choices you have when you use the GetAI Chrome extension, website, and related services (collectively, the "Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address — used for account identification and communication.
  • Password — securely encrypted before storage. We never store or have access to your plain-text password.

2.2 Extraction Data

Each time you perform an extraction, the following is logged on our servers:

  • The natural language query you submitted.
  • The source URL and page title of the webpage (if available).
  • The extraction result (structured data returned by the AI).
  • The number of credits used, input/output token counts, and processing duration.
  • The extraction status (success or error) and any error messages.
  • The trigger type (text prompt or Smart Selection).

2.3 Page Content

When you perform an extraction, the text content of the webpage (or the portion you selected) is sent to our backend server, which forwards it to a third-party AI provider for processing. We do not permanently store the raw page content on our servers. It is used only for the duration of the extraction request.

2.4 Activity Logs

We log account-level activity for security and support purposes, including:

  • Registrations, logins, logouts, and token refreshes.
  • Credit purchases, deductions, and refunds.
  • Extraction attempts (including insufficient credit events).

2.5 Payment Information

Credit purchases are processed by Stripe. Your payment details (card number, billing address, etc.) are collected and handled entirely by Stripe. We never receive, process, or store your payment card information. We only receive confirmation of successful or failed payments from Stripe.

2.6 Data Stored Locally

The Chrome extension stores the following data locally on your device using Chrome's storage API:

  • Authentication tokens (access and refresh tokens) to keep you signed in.
  • Your theme preference (light or dark mode).
  • Temporary extraction results for display in the results view.

This data stays on your device and is cleared when you log out or uninstall the extension.

3. How We Use Your Information

We use the information we collect to:

  • Authenticate you and manage your account sessions.
  • Process your data extraction requests by forwarding page content to the AI provider and returning structured results.
  • Track and manage your credit balance, including deductions, refunds, and purchase fulfillment.
  • Enforce rate limits (30 extraction requests per minute per user) to protect the Service.
  • Monitor for abuse, fraud, or violations of our Terms of Service.
  • Diagnose technical issues and improve the reliability of the Service.

4. Chrome Extension Permissions

The GetAI Chrome extension requests the following browser permissions:

  • storage — to save your authentication state and preferences locally.
  • activeTab — to read the content of the current tab when you initiate an extraction.
  • sidePanel — to display the GetAI interface as a Chrome side panel.
  • scripting — to inject the content script that enables Smart Selection Mode on web pages.
  • tabs — to detect when you navigate to a new page and update the extension state.

The extension does not request host permissions and cannot access page content until you actively trigger an extraction.

5. Third-Party Services

The Service relies on the following third-party providers:

  • AI provider: Page content and queries are sent to a third-party AI service for data extraction. The AI provider processes your data according to their own privacy policy. We do not control how the AI provider handles data beyond our request.
  • Stripe: Handles all payment processing. Stripe collects and manages your payment information under their privacy policy.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

6. Data Security

We implement the following security measures to protect your data:

  • Passwords are securely encrypted before storage and are never stored in plain text.
  • Authentication uses short-lived access tokens. Logging out revokes all active sessions.
  • API requests are protected with rate limiting and input validation.
  • All communication between the extension and backend occurs over HTTPS.

While we take reasonable precautions, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Cookies and Tracking

The GetAI Chrome extension does not use cookies. The extension stores authentication state using Chrome's local storage API, which is isolated to the extension and not accessible by websites. Our landing page website does not use analytics or tracking cookies.

8. Data Retention

  • Account data: Retained for as long as your account is active.
  • Extraction logs: Stored as part of your account history for as long as your account exists. These include the query, result data, credit usage, and metadata for each extraction.
  • Raw page content: Not permanently stored. Used only during the processing of an extraction request.
  • Activity logs: Retained for security and auditing purposes for as long as your account is active.
  • Payment records: Billing events from Stripe are stored for accounting and dispute resolution purposes.

If you request account deletion, we will remove your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as fraud prevention or financial record-keeping).

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you.
  • Request correction of inaccurate personal information.
  • Request deletion of your account and associated data.
  • Request a copy of your data in a portable format.
  • Withdraw consent for data processing where applicable.
  • Object to processing of your personal data.

To exercise any of these rights, contact us at tsotos@gmail.com.

10. Children's Privacy

The Service is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last Updated" date at the top of this page. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at tsotos@gmail.com.