1. Scope
This Privacy Policy applies to sammyjoze.com and all software, Chrome extensions, web apps, desktop apps, and related services published by Sammy Joze (collectively, the “Services”).
This is an umbrella policy covering all extensions and apps we publish, including:
- Chrome extensions
- Web apps
- Desktop apps
- Product websites that reference or link to this policy
By using any Service, you acknowledge this policy. In-app help or store listings may describe additional product-specific details.
2. What we collect
What we collect depends on which product you use. Across our Services, we may process:
- Account information — email address, display name, authentication credentials, and profile settings when you create an account.
- User content — data you choose to store or submit, such as vault entries, app records, documents, or text you send to an AI provider.
- API keys and credentials you provide — third-party keys you enter to enable features in extensions or apps that use a bring-your-own-key model. See the product table below for where keys are stored.
- Website content you actively use — page text or selections you trigger an extension to read, only when you invoke a feature and only as described for that product.
- Service logs — operational data such as timestamps, IP addresses, device or browser type, error reports, and performance metrics needed to run and secure our Services.
- Support messages — information you send when contacting us for help, including email content and attachments.
We do not sell your personal information. We also do not use your data to determine creditworthiness, eligibility for a loan, or for lending purposes.
3. By product type
The table below summarizes how data is handled across major product categories. Individual extension listings in the Chrome Web Store describe specific permissions.
| Category |
Typical use |
Account required |
What we receive on our servers |
| BYOK extensions |
AI-powered browser tools |
No |
We do not receive your API key or the text you select. Your API key is stored locally in the browser. When you run a feature, requests go browser → third-party provider using your key. We do not operate accounts for these extensions and do not receive API keys or selected text on our servers. |
| Account-based apps |
Password managers, synced data apps |
Yes |
Account email and encrypted payloads. Sensitive data is encrypted client-side before sync. We cannot read your decrypted contents on our servers. |
| Utility extensions |
Browser productivity tools |
Usually no |
Varies by extension. Many features use local browser storage only. Permissions and data access are described in each extension’s Chrome Web Store listing. We collect server-side data only when a feature explicitly requires it. |
BYOK extensions (Chrome Web Store)
For Chrome Web Store compliance: bring-your-own-key extensions store your API key on your device. Your key is sent directly from your browser to the third-party provider only when you trigger a feature. We do not collect, transmit, or store your API key or the text you select.
4. How we use data
We use information we process to:
- Provide the Services — authenticate accounts, sync encrypted data, run apps, and deliver features you request.
- Operate and improve — maintain uptime, fix bugs, understand usage patterns in aggregate, and develop new features.
- Security and abuse prevention — detect fraud, protect accounts, and enforce our Terms of Service.
- Support — respond to your questions and troubleshoot issues you report.
- Legal compliance — meet applicable legal obligations and respond to lawful requests.
We do not sell personal information. We do not use your data for creditworthiness or lending decisions. We do not use vault contents or BYOK extension data for advertising profiles.
5. Third-party AI and APIs
Some extensions and apps connect to third-party AI or API providers that you choose to use:
- BYOK extensions — when you trigger a feature, selected text and your prompt are sent from your browser directly to the provider using the API key you configured. That provider’s terms and privacy policy apply. You are responsible for your API key, usage limits, and any fees charged by the provider.
- Other products — if a feature integrates a third-party AI or API, we describe it in-product and update this policy as needed.
We are not responsible for third-party providers’ handling of data once you direct your browser or account to connect to them.
6. Sharing
We may share information only in these circumstances:
- Infrastructure providers — hosting, databases, email delivery, analytics, and similar vendors that help us operate the Services, under contractual obligations to protect data.
- Third parties you connect — such as an AI or API provider when you invoke a BYOK extension, or other integrations you explicitly enable.
- Legal requirements — when required by law, regulation, legal process, or to protect the rights, safety, and security of users and Sammy Joze.
- Business transfers — in connection with a merger, acquisition, or sale of assets, with notice where required by law.
We do not sell personal information to data brokers or advertising networks.
7. Retention and security
Retention
We retain account and service data for as long as your account is active or as needed to provide the Service. After account deletion, we delete or anonymize data within a reasonable period, except where retention is required by law or for legitimate security purposes (for example, backup cycles or dispute resolution).
BYOK extensions do not store your selected text or API keys on our servers, so there is nothing for us to retain for those items.
Security
We use industry-standard measures including encryption in transit (TLS), access controls, and — for account-based apps — client-side encryption before sync. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
8. Your choices
Depending on the product, you can:
- Export data — use in-product export tools where available.
- Delete your account — contact us or use account deletion options in the relevant app.
- Revoke API keys — remove or rotate keys in extension or app settings and at your API provider.
- Uninstall extensions — remove Chrome extensions from your browser; local data stored by the extension is cleared according to Chrome’s extension data rules.
- Manage browser permissions — review and revoke site access or permissions granted to any extension in Chrome settings.
- Opt out of non-essential communications — unsubscribe from marketing emails where offered; transactional and security messages may still be sent.
9. Children's privacy
Our Services are not directed to children under 13 (or the minimum age required in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us personal information, contact us and we will take steps to delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and, where appropriate, notify you through the Service or by email. Continued use after changes take effect constitutes acceptance of the updated policy.
11. Contact
Questions about this policy, data export, account deletion, or privacy requests:
team@sammyjoze.com