Privacy Policy
This policy explains what data AIGrammar collects, how it is used, and what rights you have over your information. We have written it in plain English to be as clear as possible.
Who we are
AIGrammar is a Chrome extension and associated backend service that provides AI-powered grammar correction and text autocomplete. References to "we", "us", or "our" mean the AIGrammar team.
If you have questions or concerns, contact us at: support@aigrammar.me
What data we collect
Text you type
When you use AIGrammar in a web page, the text you are editing is sent to our backend and forwarded to Google Vertex AI to generate a grammar correction or autocomplete suggestion. This text is not stored anywhere. It is processed synchronously — sent to the AI, a response is returned, and it is discarded. We do not log, index, or retain the content of anything you type.
Google Vertex AI processes this data under Google's standard terms. Per those terms, your input is not used to train Google's AI models.
Account information
When you create an account, we collect your email address. If you register with a password (rather than a third-party sign-in), we store a hashed version of that password. We never store your password in plain text.
Subscription and payment information
Payments are handled entirely by Stripe. When you subscribe, you are redirected to a Stripe-hosted checkout page. We never see or store your card number, bank details, or any other payment instrument data. What we receive from Stripe is limited to: a Stripe customer ID, your subscription status (active, trialing, cancelled), and the subscription period dates. This is the minimum needed to know whether your account has access to the service.
Usage events
We collect a small number of anonymous usage counters — for example, how many suggestions were shown or accepted in a session. These counts contain no text content and are not linked to individual requests. They help us understand whether the product is working and where to focus improvements.
Error logs
We use Sentry for error tracking. When an error occurs in the extension or backend, Sentry may capture a stack trace and context data. We configure Sentry to filter out personally identifiable information before it is logged. Error logs are automatically deleted after approximately 30 days.
Transactional emails
We use SendGrid to send emails. Currently the only automated email we send is a notice before your free trial ends. Your email address is shared with SendGrid for this purpose.
How we use your data
| Data | Purpose |
|---|---|
| Typed text | Generate AI grammar/autocomplete suggestion (not retained) |
| Email address | Account login, trial-end notification |
| Hashed password | Account authentication |
| Stripe customer ID + subscription status | Gate access to the service |
| Anonymous usage counts | Product analytics and improvement |
| Sentry error logs | Debugging and reliability |
We do not sell your data. We do not use your data for advertising. We do not share your data with any third party except as described in this policy.
Third-party services
The following services process data on our behalf:
- Google Cloud (Cloud Run, Cloud SQL, Vertex AI) — our backend infrastructure runs on Google Cloud in the US (us-central1 region). Typed text is processed by Vertex AI; account data is stored in Cloud SQL.
- Stripe — handles all payment processing. Stripe is PCI-DSS certified. Their privacy policy is at stripe.com/privacy.
- Sentry — collects error logs from the extension and backend. Their privacy policy is at sentry.io/privacy.
- SendGrid — sends transactional emails. Their privacy policy is at twilio.com/en-us/legal/privacy.
Data retention
| Data | Retention period |
|---|---|
| Typed text | Not retained — discarded after the AI request completes |
| Account data (email, hashed password) | Retained until you delete your account |
| Subscription status (Stripe IDs) | Retained until account deletion; historical billing records follow Stripe's own retention policy |
| Sentry error logs | Approximately 30 days |
| SendGrid delivery records | Subject to SendGrid's retention policy |
Your rights
You have the following rights regarding your personal data:
- Access — you can request a copy of the personal data we hold about you.
- Correction — you can ask us to correct inaccurate data.
- Deletion — you can request deletion of your account and associated data by emailing support@aigrammar.me. We will action deletion requests within 5 business days.
- Opt out of analytics — an in-extension setting to disable anonymous usage event collection is planned. This feature is not yet available; we will update this policy when it is released.
To exercise any of these rights, email us at support@aigrammar.me. We will respond within 5 business days.
We follow the principles of data minimisation, purpose limitation, and user control that underpin frameworks such as GDPR and CCPA. We do not make a formal certification of compliance with any specific regulation, but we take these principles seriously.
Data security
Account passwords are hashed before storage (we cannot recover your plain-text password). All data in transit between the extension, our backend, and third-party services is encrypted via HTTPS/TLS. Our Cloud SQL database is not publicly accessible.
Children
AIGrammar is not intended for use by anyone under 13 years of age. We do not knowingly collect personal data from children. If you believe a child under 13 has created an account, please contact us and we will delete the account.
Changes to this policy
If we make material changes to this policy, we will update the "Last updated" date at the top and, where appropriate, notify you by email. Continued use of AIGrammar after a policy update constitutes acceptance of the revised policy.
Contact
Questions or requests relating to this privacy policy: support@aigrammar.me