Privacy Policy

Effective Date: April 15, 2026 | Last Updated: April 15, 2026

Hello Prompting is committed to protecting your privacy. This policy describes how we collect, handle, store, and share your information in order to provide our prompt optimization and quality analysis services.

1. Extension Identity
2. Platforms & Permissions
3. Data Collection
4. Data Processing
5. Third-Party Services
6. Compliance Statments
7. Data Retention
8. User Rights
9. Children's Privacy
10. Contact Information

1
Extension Identity

Hello Prompting is a Chrome Web Store extension designed to provide real-time prompt quality analysis and optimization for AI chatbot platforms.

Website: https://helloprompting.com
Contact Email: support@helloprompting.com
Current Version: 6.2.1

2
Platforms & Permissions

Supported Platforms

The extension operates on the following AI chatbot environments:

chatgpt.com / openai.com
gemini.google.com / aistudio.google.com / notebooklm.google.com
claude.ai
grok.com
helloprompting.com / helloprompt.ing (Official domains)

Permissions Used

Permission	Purpose
`storage`	Used by `chrome.storage.local` to save user preferences, usage statistics, authentication tokens, and enhancement history.
`offscreen`	Maintains a persistent Gemini Nano session for on-device AI scoring, ensuring instant performance without network calls.
`host_permissions`	Necessary to analyze prompts on supported AI platforms and communicate with our secure backend for optimization tasks.

3
Data Collection

We collect the following categories of data to fulfill the extension's single purpose of prompt optimization:

Personally Identifiable Information (PII)

We collect your email address during account signup via traditional email/password registration (via Supabase Auth) or Google OAuth. We also generate a unique User ID and a Supabase User ID to manage your account and subscription tier.

User Input & Website Content

The extension reads text typed in AI chatbot input fields. To provide context-aware optimization, it may read up to 6 recent messages in the current chat (max 600 characters each). Important: Our PrivacyPreserver class automatically scrubs PII (emails, phone numbers, credit card numbers, SSNs, IPv4 addresses) locally before any data is transmitted.

User Activity

We monitor events like input focus/blur (for UI positioning), text changes, and UI interactions (Enhance, Refine clicks). These events are processed strictly locally and are NOT transmitted to our servers.

Authentication Data

Supabase access tokens, refresh tokens, and expiry timestamps are stored locally in chrome.storage.local to maintain your session and verify subscription status.

Technical Metadata

We store usage metrics locally, including daily usage counts, session costs, your last 100 enhancement entries, feature settings, and install timestamps.

4
Data Processing

Local Processing (On-Device)

On-Device AI: Real-time prompt scoring can utilize Chrome's Prompt API (Gemini Nano) directly on your device.
Local Storage: All personal preferences, usage counters, and history remain on your device via chrome.storage.local.
PII Scrubbing: All data cleaning occurs client-side before any network request is made.

Server-Side Processing

When you request an enhancement that requires cloud processing, the scrubbed prompt is sent to our Supabase Edge Function (llm-proxy), which routes it to Google Gemini or xAI Grok APIs.

Zero-Persistence Policy: Our servers process these prompts in volatile memory and do NOT permanently store your prompt text. Account data is stored in Supabase with AES-256 encryption.

5
Third-Party Service Providers

We engage the following third-party providers to deliver our services:

Supabase: For authentication, secure database storage, and Edge Function hosting.
Google (Gemini API): For advanced AI-powered prompt analysis and optimization.
xAI (Grok API): For alternative AI-powered prompt analysis and optimization.
Stripe: For payment processing. We do NOT store or see your credit card details.
Google Chrome (Prompt API): For local, high-speed on-device AI scoring.

6. Mandatory Compliance Statements

In accordance with the Google Chrome Web Store User Data Policy:

We do not sell or transfer user data to third parties, outside of the approved use cases described in this policy.
We do not use or transfer user data for purposes that are unrelated to the item's single purpose of prompt optimization.
We do not use or transfer user data to determine creditworthiness or for lending purposes.
The use and transfer of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

7
Data Retention

Prompt Text: Discarded immediately after processing (Zero-Persistence).
Local Data: Persists until you uninstall the extension or clear browser data.
Account Data: Retained for the duration of an active account; deleted within 30 days of a deletion request.
Enhancement History: Stored locally only (last 100 entries); never uploaded to our servers.
Financial Records: Managed by Stripe per financial regulations (~7 years).

8
User Rights

You have the following rights regarding your data:

Access your stored data via the Extension Dashboard (Options page).
Delete your account and all associated data by emailing support@helloprompting.com. Requests are processed within 30 days.
Export your local data upon request.
Opt out of specific features like auto-analyze or on-device AI via the Extension Settings.

9
Children's Privacy

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

International Users

If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and other jurisdictions where our service providers operate.

Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top.

Table of Contents

1 Extension Identity

2 Platforms & Permissions