Privacy Policy

Last updated: September 04, 2025

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy has been created with the help of the Privacy Policy Generator.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.
Affiliate means an entity that controls, is controlled by or is under common control with a party, where "control" means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
Application refers to Summarist, the software program provided by the Company.
Company (referred to as either "the Company", "We", "Us" or "Our" in this Agreement) refers to Summarist.
Country refers to: Texas, United States
Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
Personal Data is any information that relates to an identified or identifiable individual.
Service refers to the Application.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Email address
First name and last name
Usage Data

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

Information from Third-Party Social Media Services

The Company allows You to create an account and log in to use the Service through Google OAuth. When you authenticate with Google, we collect:

Your Google account email address
Your name and profile information
Google user ID for authentication
OAuth access tokens (temporarily processed, not permanently stored)

If You decide to register through Google OAuth, We collect Personal data that is already associated with Your Google account, such as Your name, Your email address, and your unique Google user identifier.

You may revoke this access at any time through your Google Account settings. When you do so, we will no longer have access to your Google account information, though we may retain previously collected data as described in this policy.

Chrome Extension Data Collection

Our Chrome Extension collects the following information to provide its functionality:

Website Content: URLs, page titles, and article content from websites you choose to save
Browsing Data: Information about your active browser tabs (only when you interact with our extension)
Reading Sessions: Time spent reading saved articles, reading progress, and session duration
Usage Statistics: Number of articles saved daily/total, AI processing usage, feature interactions
Extension Interactions: Button clicks, menu selections, and extension usage patterns

AI Processing and Third-Party Services

When you use AI features, we process your content through:

Google Gemini AI: Article content is sent to Google's Gemini API for summarization and categorization
Firebase/Firestore: Your data is stored and processed through Google's Firebase services
Vercel Backend: Our API processes your requests through Vercel's cloud infrastructure

Article content sent to AI services is processed in real-time and is not permanently stored by these third-party AI providers beyond their standard processing requirements.

Browser Permissions and Local Storage

Our Chrome Extension requires the following browser permissions to function:

Active Tab Access: To read and save content from the current webpage you're viewing
All Websites Access: To provide saving functionality across all websites you visit
Storage Permission: To store your preferences, authentication tokens, and cached data locally
Context Menus: To add "Save to Summarist" options to your right-click menu
Background Processing: To sync your data and track reading sessions

Local storage is used to cache your bookmarks, store authentication information, and maintain your preferences. You can clear this data at any time through Chrome's extension settings.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

To provide and maintain our Service, including to save and organize your articles, generate AI summaries, and track your reading progress.
To manage Your Account: to manage Your registration as a user of the Service and provide personalized features like reading statistics and bookmark organization.
For AI Processing: to generate article summaries, categorize content, and provide intelligent reading recommendations using Google Gemini AI services.
For Analytics and Improvement: to analyze reading patterns, feature usage, and service performance to improve the extension and add new features.
To contact You: To contact You by email regarding important service updates, security notifications, or changes to features you use.
For Research and Development: to understand user behavior, conduct surveys for feature development, and improve our AI categorization algorithms.
To manage Your requests: To provide customer support and respond to your feedback or feature requests.
For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
For legal compliance: to comply with applicable laws, regulations, and legal processes, and to protect the rights and safety of our users and services.

We may share Your personal information in the following situations:

With Cloud Service Providers: We share your data with Google (Firebase/Firestore) for data storage and authentication, Google Gemini AI for article processing, and Vercel for API hosting and processing.
With AI Processing Services: Article content you choose to process is sent to Google Gemini AI for summarization and categorization. This data is processed in real-time and not permanently stored by the AI service.
For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
With law enforcement: We may share your information when required by law, court order, or government regulation, or to protect the rights, property, or safety of our users or the public.
For technical operations: We may share anonymized, aggregated usage statistics with service providers for technical maintenance, security monitoring, and service improvement purposes.
With Your consent: We may disclose Your personal information for any other purpose with Your explicit consent.

Data Processing Infrastructure

Your data flows through the following systems:

Chrome Extension: Collects and processes data locally in your browser
Vercel API (summarist-project-dbc0d.vercel.app): Processes API requests, handles authentication, and manages data operations
Google Firebase/Firestore: Stores your account data, bookmarks, reading progress, and usage statistics
Google Gemini AI: Processes article content for AI summarization and categorization

Data transfers between these systems are encrypted using industry-standard protocols (HTTPS/TLS).

Retention of Your Personal Data

We retain your personal data for the following periods:

Account Data: Retained for as long as your account is active, plus 30 days after account deletion for recovery purposes
Bookmarks and Articles: Retained until you delete them or your account is terminated
Reading Analytics: Aggregated reading statistics retained for 2 years for service improvement
Usage Logs: Server logs and API usage data retained for 90 days for security and debugging purposes
Authentication Tokens: OAuth tokens expire automatically and are not permanently stored
Survey Data: Beta feedback and survey responses retained for 1 year for product development

You may request deletion of your data at any time by contacting us. Upon account deletion, we will remove your personal data within 30 days, except where we are legally required to retain certain information for longer periods.

Transfer of Your Personal Data

Your data may be transferred to and processed in the following locations:

Google Services: Your data is processed through Google's global infrastructure (Firebase, Firestore, Gemini AI) which may include servers in various countries where Google operates
Vercel Platform: Our API is hosted on Vercel's global edge network, which may process your data in multiple geographic regions for performance optimization
United States: Our primary data processing occurs in the United States through our service providers

These transfers are necessary for providing our services and are protected by:

Industry-standard encryption in transit (HTTPS/TLS)
Google's and Vercel's compliance with international data protection frameworks
Contractual data protection obligations with our service providers
Regular security assessments and audits

Your consent to this Privacy Policy represents your agreement to these data transfers. We ensure all transfers comply with applicable data protection laws and maintain appropriate safeguards.

Your Data Rights

You have the following rights regarding your personal data:

Access: Request a copy of the personal data we hold about you
Rectification: Request correction of inaccurate or incomplete data
Erasure: Request deletion of your personal data (subject to legal retention requirements)
Portability: Request your data in a portable format to transfer to another service
Restriction: Request temporary restriction of data processing in certain circumstances
Objection: Object to processing based on legitimate interests

How to Exercise Your Rights

Within the Extension: Delete individual bookmarks, clear reading history, or adjust privacy settings
Google Account: Revoke OAuth permissions through your Google Account settings
Contact Us: Email us at rush2satya007@gmail.com for data requests, account deletion, or privacy questions
Chrome Extension: Uninstall the extension to stop all data collection immediately

We will respond to your data requests within 30 days. For account deletion, we will remove your data within 30 days except where legal obligations require longer retention.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

Comply with a legal obligation
Protect and defend the rights or property of the Company
Prevent or investigate possible wrongdoing in connection with the Service
Protect the personal safety of Users of the Service or the public
Protect against legal liability

Security of Your Personal Data

We implement multiple security measures to protect your personal data:

Encryption in Transit: All data transfers use HTTPS/TLS encryption
Authentication: Secure OAuth 2.0 authentication through Google
Access Controls: Restricted access to personal data on a need-to-know basis
Data Minimization: We collect only data necessary for service functionality
Regular Updates: Security patches and updates applied promptly
Third-Party Security: We rely on Google's and Vercel's enterprise-grade security infrastructure

While we implement industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to protect your data using best practices and regular security assessments.

Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent's consent before We collect and use that information.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

By email: rush2satya007@gmail.com