Privacy Policy
Accio Prompt! ("the extension", "we", "us") is a Chrome extension that rewrites draft prompts into clearer, more effective ones with one click, inside the chat composers of ChatGPT, Gemini, and Claude. This page explains what data the extension handles, why, and how you can ask us to delete it.
Summary
- No sellWe do not sell your data. We do not share it with advertisers.
- No telemetryNo background analytics, no tracking pixels, no browsing-history collection.
- No remote codeAll extension code is bundled in the published package. Nothing is fetched at runtime.
- User-initiatedThe extension only reads the chat composer after you click "Accio! Optimize".
What data we collect
Account data
- Email address — received from Google when you sign in. We verify Google's
email_verifiedclaim and store it as your account identifier. We never see your Google password. - Google subject id — a stable opaque identifier for your Google account, used so future sign-ins on the same Google account link back to the same record.
- Credit balance — how many "spells" (optimizations) you have left.
Prompt text
- The text you have written inside the chat composer of one of the four supported sites at the moment you click "Accio! Optimize". This text is sent to our backend for one rewrite request and the original is stored alongside the rewrite so you can review it from the popup history.
- We do not read the page around the composer, do not read prior messages in the chat, and do not read any tab you have not explicitly engaged with.
Authentication tokens
- A short-lived JWT access token (15 minutes) and a longer-lived refresh token (7 days) used to call our backend. The refresh token is stored hashed in our database; the access token lives in
chrome.storage.localon your device and is never sent anywhere except our backend.
Why we collect it (purposes)
- To run the service. Authenticating you, calling the language model with your draft, and showing the rewritten version back in the composer.
- To bill you for credits. When you click "Buy credits" the popup redirects you to a Stripe-hosted checkout page. Stripe receives your card details directly; we never see them. We store the resulting subscription / credit pack record against your account so your balance updates.
- To prevent abuse. Rate-limiting per account and per IP address.
What we do not collect
- Browsing history on any site other than the four supported LLM hosts.
- Page content outside the chat composer (we do not scrape the conversation transcript).
- Your Google password, your contacts, your Google Drive, or any other Google account data.
- Cookies set by other sites.
- Device fingerprinting, advertising identifiers, or cross-site tracking signals.
Where data lives & who we share it with
- Our backend — the data above is stored in a hosted PostgreSQL database managed by Railway. The backend runs in a containerized environment with TLS-only network access.
- Language model provider — when you click "Accio! Optimize", the draft text is sent to our backend, which forwards it to a third-party LLM provider under contract to process the rewrite and return the result. The provider is contractually bound to delete the prompt text after the request completes and not to use it for model training.
- Stripe — for payments. Stripe receives billing details you enter on their checkout page. We see only the resulting payment status and amount.
- Google — for sign-in. Google's OAuth servers issue our ID token; we never see your Google password.
We do not share your data with any other party. We do not sell, rent, or lease it.
Data retention
- Account & credit balance: kept for as long as your account exists.
- Prompt / rewrite history: kept for 90 days, then automatically purged.
- Payment records: kept for as long as required by tax / accounting law (typically 7 years).
- Server logs (access logs, error logs): kept for 30 days.
Your rights
- Access. You can see what we have on you by signing in and opening the popup — your email and credit balance are visible, and your last 90 days of rewrites are accessible from the popup history.
- Correction. Your email comes from Google and is therefore always whatever your current verified Google address is.
- Deletion. Email support@accio-prompt.app from the address on your account and we will permanently delete your account, balance, prompt history, and any payment tokens within 30 days. We will confirm by reply.
- Export. On request we will email you a JSON export of everything we hold against your account.
- Uninstall. Uninstalling the extension removes the popup's local storage (
chrome.storage.local). Server-side data is deleted only on explicit request (see above).
Children
The extension is not directed at children under 13 and we do not knowingly collect data from children under 13. If you believe a child has created an account, email us and we will delete it.
Changes to this policy
We will post material changes here and bump the "Effective" date above. For minor edits (typos, clarifications that do not change our practices) we will not notify individually.
Contact
Privacy questions, deletion requests, and data-export requests: support@accio-prompt.app.
This page is served over HTTPS from the same domain that runs the Accio Prompt! backend. See also our Terms of Service.