Privacy Policy

Last updated: February 17, 2026

1. Introduction

This Privacy Policy describes how AI Reply Hider ("we", "us", or "our") collects, uses, and protects information when you use our Chrome extension and related services (collectively, the "Service").

By installing the extension or using our Service, you agree to the practices described in this policy. If you do not agree, please uninstall the extension and discontinue use.

2. Information We Collect

2.1 Information collected by the extension (locally)

The following data is stored only in your browser using Chrome's local storage and is never transmitted to our servers:

• Your detection threshold preference (1-10 slider value)
• Extension enabled/disabled state
• Custom phrase lists for detection
• Session statistics (replies scanned, replies hidden)
• Cached detection scores for previously analyzed replies

2.2 Information collected when you create an account

If you choose to create a free or Pro account, we collect:

• Email address — used for account authentication and important service communications
• Display name — shown in the extension interface
• Password — stored securely using bcrypt hashing (we never store plaintext passwords)

2.3 Information collected during AI analysis

When AI-powered detection is enabled and you are logged in, the following is sent to our API for analysis:

• Reply text content — the text of X/Twitter replies being analyzed
• Authentication token — to verify your account and track API usage limits

2.4 Usage data

We track the following aggregate usage metrics tied to your account:

• Number of API analysis requests per day (for enforcing usage limits)
• Subscription status and billing period

3. How We Use Your Information

Data	Purpose
Email & password	Account authentication and login
Reply text	AI-powered analysis to generate a confidence score (1-10)
Daily API call count	Enforcing free tier (50/day) and Pro tier (10,000/day) usage limits
Subscription data	Managing your Pro subscription and billing

4. How We Process Reply Text

When AI analysis is triggered:

1. The reply text is sent over HTTPS to our secure API endpoint.
2. Our server forwards the text to OpenAI's API (GPT-4o-mini) for analysis.
3. OpenAI returns a confidence score indicating the likelihood of AI authorship.
4. The score is returned to the extension and cached locally.
5. We do not store reply text on our servers. It is processed in real-time and discarded immediately after scoring.

5. Third-Party Services

We use the following third-party services:

• OpenAI — for AI-powered reply analysis. Reply text is sent to OpenAI's API for scoring. OpenAI's data usage policies apply. See OpenAI's Privacy Policy.
• Neon (PostgreSQL) — for secure database hosting of account and subscription data.
• Dodo Payments — for processing Pro subscription payments. We never see or store your full payment details. See Dodo Payments' Privacy Policy.
• Vercel — for hosting our API and landing page. See Vercel's Privacy Policy.

6. Data Storage & Security

We implement appropriate technical and organizational measures to protect your data:

• All communication between the extension and our servers uses HTTPS/TLS encryption.
• Passwords are hashed with bcrypt before storage.
• Authentication uses short-lived JWT access tokens with secure refresh token rotation.
• Our database is hosted on Neon with encrypted storage at rest.
• Rate limiting is applied to all API endpoints to prevent abuse.

7. Data Retention

• Reply text: Not stored. Processed in real-time and immediately discarded.
• Account data: Retained for the duration of your account. Deleted upon account deletion request.
• Usage statistics: Daily API counts are retained for 90 days for usage tracking.
• Subscription data: Retained as required for billing and legal compliance.

8. Your Rights

You have the following rights regarding your personal data:

• Access: You can view your account information and usage data through the extension settings.
• Correction: You can update your account details at any time.
• Deletion: You can request complete deletion of your account and all associated data by contacting us at support@ai-reply-hider.com.
• Data portability: You can request a copy of your data in a machine-readable format.
• Opt out: You can disable AI-powered analysis at any time from the extension settings to stop all data transmission to our servers.

9. Chrome Extension Permissions

AI Reply Hider requests the following browser permissions:

• storage: To save your preferences and settings locally in Chrome.
• activeTab: To access the current X/Twitter tab for reply detection.
• alarms: To schedule periodic token refresh for authenticated sessions.
• Host permissions (x.com, twitter.com): To inject the content script that detects and hides AI replies on X/Twitter pages.

We do not request broad browsing permissions. The extension only operates on X/Twitter domains.

10. Children's Privacy

Our Service is not directed to children under 13 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Update the "Last updated" date at the top of this page.
• Notify users through the extension or via email for significant changes.

Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: support@ai-reply-hider.com