Privacy Policy
This Privacy Policy describes how Polish ("Polish", "we", "our", or "the Extension") collects, uses, shares, stores, and protects information when you install or use the Polish Chrome extension and related Polish services.
Controller and Contact
Polish is operated by the developer of the Polish Chrome extension. For privacy, security, support, deletion, or access requests, contact benbaler@gmail.com.
Scope
This policy applies to the Polish Chrome extension, the Polish API, the Polish static website, support pages, and payment/account flows used by the extension. It does not control the independent privacy practices of websites where you use Polish, Google Chrome, the Chrome Web Store, ExtensionPay, Stripe, Cloudflare, or Cerebras.
Single Purpose
Polish exists to improve writing you intentionally ask it to process. The extension is designed to run on many websites because users write in many places, but Polish does not use that access to monitor unrelated browsing, build advertising profiles, sell data, or change pages for purposes unrelated to writing correction.
Summary
- Polish reads text only when you invoke the extension through the shortcut, context menu, extension button, or an equivalent user action.
- Polish sends the text and limited editor context needed to generate the requested correction and write it back into the same editor where possible.
- Polish uses local Chrome storage for extension settings, installation identity, subscription state, usage counters, strategy cache, and local diagnostics.
- Polish uses server-side records for usage limits, paid access checks, abuse prevention, reliability, operational logs, and privacy-safe editor strategy data.
- Polish does not sell, rent, trade, or transfer user data for advertising, retargeting, data-broker, credit, lending, or unrelated market-research purposes.
Information We Collect or Process
- User-authored text, only on demand: Polish reads the text in the active input, textarea, editable document, rich-text editor, or current selection only after you intentionally trigger Polish. This can include personal communications or other user-provided content if you choose to polish that text. Polish does not monitor keystrokes in the background and does not intentionally read password fields or fields marked as sensitive.
- Editor and page context needed to complete the action: To detect the active editor, preserve formatting, extract selected text, and write the corrected text back, Polish may process limited context such as the active page hostname, page origin and path, document title, active element tag and role, aria labels, placeholder text, editor classes, sanitized selectors, nearby editor structure, framework hints, selected range state, and snippets of the active editor/container HTML. This context is used to make the requested writing correction work across common web editors. Polish does not collect unrelated full browsing history.
- AI request payloads: For a writing correction, Polish sends the text you asked to process, the requested action, and the limited editor context required for correction, extraction, or write-back assistance through the Polish server to the AI provider. For write-back troubleshooting, a request may include the original text, corrected text, current editor text, failure reason, and prior attempt summaries so the service can return an advisory JSON strategy. The extension-owned code validates and executes any strategy locally; AI responses are not executed as remote page code.
- Clipboard data during fallback flows: Polish may use clipboardRead and clipboardWrite when normal browser/editor APIs cannot safely extract or replace text. This can include reading the current selection through copy/paste, temporarily writing a marker or corrected text, and attempting to restore prior clipboard text on a best-effort basis. Clipboard access is used only as part of a user-triggered Polish action or manual copy fallback.
- Installation, anonymous identity, and access state: Polish creates or reads an installation identifier stored by Chrome extension storage. The server may mint signed anonymous identity tokens, store token metadata, and use salted hashes of installation identifiers to enforce free usage limits, prevent abuse, and avoid relying on raw identifiers where a hash is sufficient.
- Account and subscription data: Polish uses ExtensionPay to manage paid access, and ExtensionPay uses Stripe for payment processing. Polish may receive or store the access state needed to verify whether an account is paid, related ExtensionPay identifiers or API keys, cached paid/unpaid status, and timestamps for payment-status checks. Polish does not receive or store full payment card numbers.
- Usage and limit records: Polish records data needed to enforce daily free limits, character limits, duplicate-request prevention, and fair-use controls. These records may include date, action or mode, paid/free status, salted user hash, model name, prompt tokens, completion tokens, total tokens, estimated cost, duration, character count, request status, and configured limits.
- Editor strategy data: When difficult editors require fallback handling, Polish may store privacy-safe strategy registry data such as hostname, structural component fingerprint hash, fingerprint version, generic framework hints, sanitized DOM fingerprint fields, allowed extraction or write-back method, strategy signature, success and failure counters, distinct installation counts, and sanitized failure signatures. Polish does not store raw selected text, polished output text, raw HTML previews, labels, placeholders, user names, emails, phone numbers, or raw installation IDs in these strategy rows.
- Technical logs and diagnostics: Polish may store local extension diagnostics and server-side operational logs such as route name, response status, duration, D1/ExtensionPay/Cerebras timing categories, token counts, estimated cost, trace IDs, error summaries, and sanitized client warnings/errors. These logs are used to maintain, secure, troubleshoot, and measure the service. They are not intended to include selected text, polished text, API keys, admin tokens, payment card details, or raw installation IDs.
- Support communications: If you email support, we collect the information you choose to send, such as your email address, website/editor details, screenshots, bug descriptions, billing question, or sample text you intentionally include.
Information We Do Not Collect for Unrelated Purposes
- Polish does not collect continuous keystroke logs.
- Polish does not collect full browsing history for advertising or analytics.
- Polish does not collect passwords intentionally.
- Polish does not sell or share data with advertising networks, data brokers, or information resellers.
- Polish does not use user data to determine creditworthiness or for lending purposes.
- Polish does not store the Cerebras API key, admin tokens, or other server secrets in the extension package.
How We Use Information
- To provide the requested writing correction and return the corrected draft.
- To detect the active editor, preserve formatting, extract selected text, write corrected text back, and provide manual copy fallback when necessary.
- To enforce free usage limits, paid access, duplicate-request prevention, rate limits, abuse prevention, and fair-use controls.
- To improve editor compatibility by reusing privacy-safe, non-text strategy data after validation.
- To troubleshoot errors, latency, failed write-back, payment access issues, security issues, and reliability problems.
- To respond to support, privacy, billing, security, or legal requests.
- To maintain, secure, audit, and measure the performance and reliability of the extension and API.
How Information Is Shared
Polish shares user data only as needed to provide, improve, secure, operate, or support its single purpose, or when required by law. The relevant service providers are:
- Cerebras: Text and limited editor context you intentionally ask Polish to process may be sent through the Polish server to Cerebras-compatible AI endpoints to generate the requested correction or advisory extraction/write-back response.
- Cloudflare: Polish uses Cloudflare Workers and Cloudflare D1 to operate the API, enforce limits, store privacy-safe strategy data, store usage and abuse-prevention records, and store sanitized operational logs.
- ExtensionPay: Polish uses ExtensionPay to manage paid access, account restoration, and subscription state needed by the extension.
- Stripe: ExtensionPay uses Stripe to process subscription payments. Stripe may process payment information under its own terms and privacy policy. Polish does not receive full card numbers.
- Google and Chrome: Chrome provides extension APIs and extension storage. If Chrome sync is enabled, Chrome may sync some extension storage according to the user's Chrome and Google account settings. The Chrome Web Store also handles installation, listing, and review infrastructure.
- Legal, security, or business transfer recipients: We may disclose information if required by law, to protect against abuse or security threats, or as part of a merger, acquisition, or sale of assets after any user consent required by applicable law or Chrome Web Store policy.
We do not sell, rent, trade, or transfer user data for personalized advertising, retargeting, data-broker resale, credit eligibility, lending, or unrelated market research.
Local Storage on Your Device
Polish may store extension data in Chrome storage, including installation ID, anonymous identity token cache, ExtensionPay account state, paid-status cache, usage counters, options/settings, local logs, and cached editor strategy policy records keyed by hostname and structural component fingerprint. You can remove local extension data by uninstalling the extension or clearing the extension's Chrome storage.
Retention
- User-authored text: Polish processes user-authored text to return the requested result and does not intentionally store selected text or polished output after the request completes. AI providers may process request data according to their own service terms and retention practices.
- Local extension data: Extension settings, installation ID, account state, local strategy cache, and local logs remain in Chrome storage until replaced, expired, cleared, or the extension is uninstalled.
- Anonymous identity and abuse-prevention records: Anonymous identity token records may be retained for the life of the token, currently up to about 90 days. Anonymous mint counters and free usage counters are retained for short operational windows, currently about 2 days. Duplicate-request prevention records are retained for a short window, currently about 1 hour.
- Operational logs: Performance logs and recent correction/admin cards are retained for short operational windows, currently about 7 days, unless a longer period is required to investigate security, abuse, billing, or reliability issues.
- Usage records: Aggregated and event-level usage records may be retained to operate limits, paid access, cost controls, auditability, and service analytics.
- Strategy registry records: Privacy-safe editor strategy rows may be retained until deleted, superseded, or no longer needed because they help Polish work reliably across editors without storing user text.
- Support communications: Support emails are retained as long as reasonably needed to respond, resolve the request, keep business records, and protect legal rights.
Security
Polish transmits extension, Worker, payment, and AI-provider traffic over HTTPS. Secrets such as the Cerebras API key and admin tokens are kept server-side and are not stored in the extension package. Polish uses hashing, signed anonymous identity tokens, request size limits, rate limits, sanitization, and operational logging to reduce abuse and avoid storing raw identifiers where practical. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security.
Chrome Permissions
- <all_urls> and content scripts: Needed so Polish can work where users write, across common websites and editors. Polish acts on the focused editor or selection only after a user-triggered action.
- scripting: Needed to inject or refresh the content script in active tabs after install, update, startup, or command relay so the extension can reach the current editor.
- storage: Needed for installation identity, settings, usage counters, paid-status cache, strategy cache, and local diagnostics.
- contextMenus: Needed to provide the editable-field context menu actions for Polish and More Polished.
- clipboardRead and clipboardWrite: Needed for fallback extraction, fallback replacement, and manual copy flows in complex editors when normal editor APIs are insufficient.
Chrome Web Store Limited Use Disclosure
Polish's use and transfer of user data is limited to providing or improving its single purpose, maintaining and securing the service, enforcing usage limits, processing subscriptions, preventing abuse, and measuring performance and reliability. Polish complies with the Chrome Web Store User Data Policy, including the Limited Use requirements. The use of information received from Chrome APIs and Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements. Polish does not use or transfer user data for personalized advertising, retargeting, sale to data brokers, unrelated market research, credit eligibility, or lending purposes. Humans do not read user text except with the user's explicit consent for support, when necessary for security or abuse investigation, when the data is aggregated and anonymized for internal operations, or when required by law.
Your Choices and Requests
- You can choose not to trigger Polish on text you do not want processed.
- You can uninstall the extension to stop future collection by Polish and remove extension-managed local data from that Chrome profile.
- You can manage or cancel paid access through the ExtensionPay flow available from the extension settings.
- You can contact benbaler@gmail.com to request access, deletion, correction, or more information about support records or server-side records reasonably associated with you. We may need information to verify and locate the relevant records.
- Do not send private or sensitive text in a support request unless you intentionally want it reviewed for that support request.
Children
Polish is not directed to children under 13 and is intended for users who are permitted to use Chrome extensions and any websites where they choose to write. If you believe a child provided personal information to Polish, contact benbaler@gmail.com.
International Processing
Polish and its service providers may process information in the United States and other countries where they operate. Privacy and data protection laws may differ from those in your location.
Changes to This Policy
We may update this Privacy Policy as the extension, infrastructure, legal requirements, or Chrome Web Store policies change. The updated policy will be posted on this page with a new "Last updated" date. If Polish introduces materially different user-data practices, we will provide any additional disclosure or consent required by applicable law or Chrome Web Store policy.
Contact
Questions about this policy or Polish privacy practices can be sent to benbaler@gmail.com.