1. Who We Are
Prompito is a Chrome extension and web service operated by Prompito ("we", "our", "us"). Our website is prompito.com. All privacy enquiries, data subject requests, security disclosures, and general support go to: support@prompito.com.
This policy applies to all users of the Prompito Chrome extension and all pages on prompito.com. By installing the extension or creating an account, you confirm you have read and understood this policy.
As a small operator, we are not currently required to appoint a formal Data Protection Officer (DPO) under GDPR. If our processing activities grow to require one, we will appoint a DPO and update this policy accordingly.
2. Applicable Laws We Align With
Prompito serves users in multiple countries. We have designed our data practices to meet or exceed the requirements of the following frameworks:
Where different laws impose different standards, we apply the stricter requirement globally. All users benefit from GDPR-level protections regardless of their location.
We also comply with the Google Chrome Web Store Developer Programme Policies, which govern how Chrome extensions may collect and handle user data. Our extension's privacy practices are disclosed in the Chrome Web Store listing, consistent with this policy.
3. What We Collect, and What We Don't
| Data | Status | Purpose |
|---|---|---|
| Email address | Stored | Account identity and passwordless sign-in (magic link) |
| First name & last name | Stored | Account display and personalised communications |
| Phone number | Stored | Anti-abuse signal only, not verified, not used for communications, never shared |
| Plan type and billing status | Stored | Cycle allocation and subscription access control |
| Cycles used / remaining | Stored | Usage tracking and quota enforcement |
| Industry profile selection | Stored | Personalising enhancement quality; retained until changed or account deleted |
| Privacy flag triggered (boolean only) | Stored | Aggregate analytics only, the sensitive content itself is never stored |
| Enhancement and evaluation counts | Stored | Usage analytics and billing records |
| Lemonsqueezy customer ID | Stored | Subscription management and billing portal access |
| IP address (transient) | Short-term | Rate limiting and abuse prevention; purged within 24 hours; never linked to accounts |
| Prompt content (what you type) | Never stored | Processed in memory during the active request only; discarded immediately after |
| Enhanced prompt content | Never stored | Returned to your extension only; never written to our database |
| AI output / response text | Never stored | Evaluated in memory; discarded immediately after |
| Verdict and gap analysis text | Never stored | Returned to your extension only; never written to our database |
| Clipboard content | Never accessed | The extension does not read from or write to your clipboard |
| Browsing history or page URLs | Never stored | Only the hostname of the current tab is read to determine if it is a supported AI platform |
4. How We Use Your Data
We process your personal data only for the following purposes, each with a stated legal basis:
- Account creation and management, Legal basis: contract performance
- Magic link authentication, no passwords stored, Legal basis: contract performance
- Cycle tracking and plan enforcement, Legal basis: contract performance
- Routing prompts and outputs through the AI engine during active requests (data not persisted), Legal basis: contract performance
- Transactional emails, verification codes, sign-in links, billing receipts, Legal basis: contract performance
- Lifecycle emails based on plan status, you can unsubscribe at any time, Legal basis: consent
- Rate limiting and abuse prevention, Legal basis: legitimate interests
- Aggregate anonymised analytics that cannot be linked to individuals, Legal basis: legitimate interests
We do not use your data for advertising, behavioural profiling, or automated decision-making that produces legal or similarly significant effects on you.
5. Chrome Extension Permissions
The extension requests only the permissions required to function. Each is explained below:
| Permission | Why it's needed |
|---|---|
storage | Stores your authentication token, plan status, and extension preferences locally on your device. Not transmitted to third parties. |
activeTab | Reads the hostname of your current tab to check if you are on a supported AI platform. No other page data is read. |
scripting | Injects the Prompito bubble interface into supported AI platform pages. Required for the extension to appear and operate. |
host_permissions (claude.ai, chatgpt.com, chat.openai.com, gemini.google.com) | Restricts the extension to operating only on these four platforms. Completely inactive on all other websites. |
No sensitive permissions, such as history, bookmarks, broad tabs, or clipboardRead, are requested. The extension accesses no data from any website other than the four listed above.
For full details on how Prompito is built to support assistive technologies including screen readers and keyboard navigation, see our Accessibility Statement.
6. The Privacy Warning System
Prompito includes an automatic detection system that scans your prompt before it is processed. When a prompt appears to contain sensitive information, such as patient names combined with medical context, client names with legal case details, or financial account data, a warning is shown before your enhanced prompt is displayed.
What is stored when a flag triggers: a boolean (privacy_flag_triggered = true), a timestamp, and the general use case category. The sensitive content itself is never stored, logged, or transmitted beyond the active request.
7. Third Parties We Work With
| Service | Purpose | Data shared |
|---|---|---|
| Anthropic (Claude API) | AI engine for prompt enhancement and output evaluation | Prompt text and sampled AI output during active requests only. Not retained by us after processing. Subject to Anthropic's privacy policy. |
| Lemonsqueezy | Payment processing and subscription management. Merchant of Record. | Name, email, and billing details at checkout. They store payment data under their own privacy policy and PCI-DSS compliance. We do not receive or store card numbers. |
| Resend | Transactional email delivery | Email address and transactional email content only. No marketing use. |
| Kit (ConvertKit) | Lifecycle email communications | Email address and plan tag (e.g. free_user, pro_annual). Unsubscribe at any time. |
| Railway | Backend hosting, Node.js server and PostgreSQL database | All account data resides on Railway's US infrastructure. Railway does not access your data for its own purposes. |
We do not share personal data with any other third parties. We do not sell, rent, or trade personal data. If required to disclose data by law, we will notify you unless prohibited by law.
8. International Data Transfers
Prompito's backend infrastructure is hosted by Railway in the United States. If you are located outside the United States, including the EEA, the UK, Brazil, or Canada, your personal data is transferred to and processed in the United States when you use Prompito.
For EEA and UK users, this transfer is made on the basis of contractual necessity and our legitimate interests in providing the service. We have assessed the transfer and are satisfied that Railway's infrastructure provides adequate protection through its security commitments and contractual arrangements.
Questions about international transfers or specific safeguards? Contact support@prompito.com.
9. Your Rights
Most rights can be exercised directly from the extension popup without contacting us:
| Right | How to exercise it |
|---|---|
| Access, see what data we hold | Email support@prompito.com. We respond within 30 days. |
| Rectification, correct your name or email | Directly in the extension popup settings. |
| Erasure, permanently delete your account and all data | Extension popup → Delete account. All data erased within 24 hours. |
| Restriction, limit how we process your data | Email support@prompito.com. |
| Portability, receive your data in a structured format | Email support@prompito.com. JSON export within 30 days. |
| Object, to analytics or marketing processing | Email support@prompito.com or unsubscribe from any marketing email. |
| Withdraw consent, for marketing emails | Unsubscribe link in any email, or email support@prompito.com. |
California residents (CCPA / CPRA): You have the right to know what personal information we collect, use, and share; to request deletion; to correct inaccurate information; to opt out of sale of personal information (we do not sell, see Section 14); and to non-discrimination for exercising these rights. Contact support@prompito.com. We will respond within 45 days as required by CCPA.
Brazilian residents (LGPD): You have the rights to information, access, correction, anonymisation, deletion, portability, and to revoke consent. Contact support@prompito.com.
Canadian residents (PIPEDA): You have the right to access personal information we hold and to challenge its accuracy. You may also withdraw consent to non-essential processing. Contact support@prompito.com.
If you believe we have not handled your data correctly, you have the right to lodge a complaint with your local supervisory authority. For EEA users this is your national data protection authority. For UK users this is the ICO.
10. Healthcare Users, HIPAA Notice
No Business Associate Agreement (BAA) is in place. Prompito has not been designed, audited, or certified for use with healthcare data subject to HIPAA or equivalent national healthcare privacy laws.
Healthcare professionals must not enter patient names, diagnoses, medications, treatment plans, case details, or any PHI into Prompito. This applies even when using Prompito's privacy warning features, those warnings do not confer HIPAA compliance.
A HIPAA-compliant enterprise tier is planned for a future version. Until that version is explicitly labelled as HIPAA-compliant, healthcare professionals should use Prompito only with fully de-identified, non-PHI content.
11. Data Retention
Account data is retained for as long as your account is active. When you delete your account, all personal data is permanently and irreversibly erased from our database within 24 hours, including your email, name, phone number, usage counts, industry profile, and all associated metadata.
IP addresses used for rate limiting are purged within 24 hours of capture and are never linked to user accounts.
Aggregate, anonymised analytics, which cannot be linked to any individual, may be retained indefinitely for product improvement.
Lemonsqueezy retains billing and transaction records for the period required by applicable financial regulations, independent of account deletion. We have no control over Lemonsqueezy's retention of billing records.
12. Security
We implement industry-appropriate technical and organisational measures to protect your data:
- API keys stored in server-side environment variables only, never in extension code or public repositories
- All communication encrypted over HTTPS / TLS, unencrypted HTTP is rejected at server level
- Passwordless authentication, sign-in by magic link only; no password database exists
- JWT tokens with 24-hour expiry and secure refresh token rotation
- Rate limiting on all API endpoints to prevent brute-force and abuse
- PostgreSQL database accessible only via internal private network, not publicly accessible
- JavaScript obfuscation applied to all published extension files
- Minimum necessary Chrome permissions only
No system is perfectly secure. To report a suspected vulnerability, contact support@prompito.com.
13. Data Breach Notification
In the event of a personal data breach likely to result in risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware, where required by GDPR or applicable law
- Notify affected users without undue delay by email if the breach is likely to result in high risk to their rights and freedoms
- Include in any notification: the nature of the breach, categories of data affected, likely consequences, and measures taken
Because prompt content and AI outputs are never stored, the scope of any potential breach is limited to account metadata (name, email, plan status, usage counts). No prompt or output content can ever be breached because none is retained.
14. We Do Not Sell Your Data
Prompito does not sell, rent, share, or trade your personal information to or with any third party for monetary or other valuable consideration. This applies to all users, including California residents under CCPA / CPRA.
We do not engage in cross-context behavioural advertising. We do not share personal data with advertising networks, data brokers, or aggregators.
15. Children's Privacy (COPPA)
Prompito is not directed at children and is not intended for users under the age of 16. We do not knowingly collect personal data from children under 16 (or under 13 in the United States under COPPA).
If you believe a child under the applicable age has created a Prompito account, contact support@prompito.com and we will delete the account and all associated data promptly.
16. Cookies and Local Storage
The prompito.com website does not use advertising cookies, analytics cookies, or tracking pixels. No cookie consent banner is required because we do not set non-essential cookies on our website.
The Chrome extension stores data locally on your device using Chrome's Storage API (chrome.storage.local), this includes your authentication token, plan status, and preferences. This data is stored on your device only, is not transmitted to third parties, and is cleared when you sign out or delete your account.
17. AI Output Disclaimer and Liability
Prompito enhances prompts and evaluates AI-generated outputs for alignment with the original request. Prompito does not verify the factual accuracy, legal correctness, medical validity, financial soundness, or completeness of any AI-generated content.
You are solely responsible for reviewing AI outputs before using, sharing, publishing, or acting on them. Prompito's evaluation is a quality-alignment check, not a guarantee of accuracy or fitness for any particular purpose.
To the fullest extent permitted by applicable law, Prompito accepts no liability for any harm, loss, or damage arising from reliance on AI-generated content evaluated or enhanced by Prompito.
18. Governing Law and Jurisdiction
This Privacy Policy is governed by and construed in accordance with applicable international law. For users in the EEA or UK, nothing in this clause limits your rights under GDPR or applicable local law.
Disputes arising from this policy will first be attempted to be resolved amicably by contacting support@prompito.com. EEA users retain the right to lodge complaints with their local supervisory authority regardless of this clause.
19. Changes to This Policy
We may update this Privacy Policy to reflect changes in our practices, legal requirements, or product features. Changes are indicated by the version number and "Last updated" date at the top of this page.
For material changes, those that meaningfully affect your rights or how we handle your data, we will notify registered users by email at least 14 days before changes take effect. Continued use of Prompito after the effective date constitutes acceptance of the updated policy.
Prior versions are available on request at support@prompito.com.
20. Contact Us
All privacy enquiries, data subject requests, security disclosures, and general support go to one address.
Get in touch
Privacy questions, data requests, account help, all handled here.
support@prompito.comPrivacy requests answered within 2 business days · Formal data subject requests within 30 days