Privacy Policy

Scope

This Privacy Policy applies to all of our browser extensions and to the findrealfriends.com website and its backend services (together, the "Services"). Our extensions generally fall into two categories of activity:

• Extensions that read publicly visible content (such as product listings and reviews) on supported retailer or marketplace websites and return an AI-generated summary or trust signal to the user.
• Extensions that capture queries, prompts, and related metadata from AI search/chat interfaces (such as ChatGPT and Gemini) to provide the user with analytics about their own AI usage.

This single policy covers the data practices of all such extensions. If a particular extension only performs a subset of the activities described below, only that subset applies to it.

Information We Collect

Depending on which of our extensions you use, we may collect:

• Publicly visible content from the page you are actively viewing on a supported site, such as product titles, identifiers (URLs, SKUs/ASINs), prices, review text, ratings, public reviewer display names, and review timestamps.
• Search queries and user prompts entered on AI services (e.g., ChatGPT, Gemini), along with conversation IDs, message IDs, AI platform and model information, and timestamps.
• A randomly generated, anonymous install ID and any user-configured preferences, stored locally via chrome.storage on your device.
• Server-side request metadata automatically logged by our infrastructure, including IP address, user-agent / browser information, request timestamp, endpoint, and response status.
• Any information you choose to provide directly, for example if you create an account on findrealfriends.com or contact us by email.

We do not collect keystrokes, mouse movements, page content from sites outside the domains explicitly listed in the extension's manifest, payment information, login credentials, or sensitive categories of data such as health or precise location.

How We Use Your Information

• To provide the core functionality of the extension (e.g., generating an AI summary of public reviews, producing query analytics).
• To authenticate your session and tie usage to the correct anonymous install or account.
• To maintain reliability and security, including rate-limiting, debugging, and abuse prevention.
• To improve the Services through aggregated, non-identifying analytics.
• To respond to your support or privacy requests.

We do not use your data for advertising, ad targeting, profiling, or to train third-party AI/ML models. We do not sell or rent your data.

How We Store Your Information

• In transit: all communication between the extensions, the website, and our backend is transmitted over HTTPS (TLS).
• At rest: server-side data is stored on encrypted infrastructure provided by Vercel (serverless hosting) and MongoDB Atlas (managed database with encryption at rest).
• Locally on your device: extensions use chrome.storage.local to store preferences and an anonymous install ID. This local data never leaves your device unless it is explicitly sent to our backend as described above.
• AI processing: content that is necessary to generate a summary or analysis may be sent to a third-party large language model API strictly to return a result to you; we do not authorize these providers to retain content for training.

Data Sharing

We do not sell, rent, or trade your information. We share information only in the limited circumstances below:

• Infrastructure providers (sub-processors) acting on our behalf: Vercel (application hosting), MongoDB Atlas (encrypted database storage), and OpenAI and/or other large language model providers (to process content and return AI-generated results).
• Legal compliance: when required by law, valid legal process, or to protect the rights, property, or safety of users or the public.
• Business transfers: if our business is acquired or merged, information may be transferred as part of that transaction, subject to this Privacy Policy.

We do not share data with advertising networks, data brokers, or unrelated third parties.

Data Retention

• Operational logs (request and error logs) are retained for up to 90 days for security and debugging, then rotated or deleted.
• Account-related data, if you create an account, is retained while your account is active.
• Data tied to an anonymous install ID is retained while the extension remains installed; uninstalling and reinstalling generates a new install ID.
• You may request deletion of your data at any time by contacting us; verified requests will be actioned within 30 days.

Your Rights

Depending on your jurisdiction (e.g., GDPR in the EU/UK, CCPA in California), you may have the right to access, correct, delete, export, or restrict processing of your personal information, and to withdraw consent at any time. To exercise any of these rights, contact us using the email below.

Security

We use industry-standard safeguards including HTTPS/TLS in transit, encryption at rest with our managed database provider, least-privilege access controls, and limited data collection. No method of transmission or storage is 100% secure; we will notify affected users of a data breach as required by law.

Third-Party Services

Our extensions operate on third-party websites (e.g., Amazon, Walmart, ChatGPT, Gemini, and other supported retailers or AI services). We are not responsible for the privacy practices of those websites, and we do not transmit data we collect back to them beyond what is required to display our own UI on the page.

Children's Privacy

Our Services are not directed to children under 13 (or the applicable age in your jurisdiction) and we do not knowingly collect personal information from children.

Changes to This Policy

We may update this policy periodically. The "Last updated" date at the top of this document reflects the most recent version. Material changes will be highlighted on this page.

Contact Information

For any privacy-related inquiries or data requests, please contact us at: [email protected]