PromptHush
Last updated May 25, 2026

Privacy Policy

How PromptHush handles your data, what we collect, and how we keep it safe.

01

Scope and Purpose

This Privacy Policy applies to the PromptHush Chrome extension and the PromptHush website and account service at prompthush.com. PromptHush is a privacy tool that detects and can redact sensitive content in prompts on supported AI websites before you choose to send them.

The extension must access the text you enter on supported AI websites in order to provide its detection and redaction features. Prompt detection and redaction take place locally in your browser. PromptHush does not send your original prompt text or detected sensitive values to PromptHush servers for scanning.

02

Data Handled Locally by the Extension

Prompt text and sensitive findings: while you use a supported AI website, the extension reads the prompt text in the relevant input field and evaluates it locally against detection rules. This can include personal, financial, authentication, health, legal, or other sensitive data that you typed into a prompt.

Local activity log: when sensitive data is detected, the extension stores an encrypted local activity record that may include the supported website domain, timestamp, action taken, detected category labels and counts, masked previews, and a locally calculated hash of prompt text. The local activity log is limited to the most recent 500 entries.

Local redaction history: on plans that provide redaction history, when you choose to redact text, the extension stores encrypted before/after history locally on your device. This can contain a limited original prompt excerpt around the detected value, the website domain, masked preview, replacement token, type, label, severity, and time. The local history is limited to the most recent 200 entries.

Preferences and cached data: the extension stores settings, custom private detection terms, onboarding status, cached plan and credit information, and downloaded detector rules in Chrome local storage. Session tokens and the local encryption key are stored in Chrome session storage while available. Older versions may have stored custom terms in Chrome Sync storage; the current extension migrates those terms to local storage and removes the synced copy when it is found.

03

Data Collected by PromptHush Servers

Account and authentication data: if you create or use an account, we collect your email address, authentication credentials submitted for account access, authentication provider, account identifier, extension session information, and email confirmation or password reset records. Extension session tokens are stored server-side in hashed form.

Service usage data: when a signed-in extension scan detects findings and checks or uses a credit, the extension sends your account session, an operation identifier, number of findings, and whether a block, redaction, or send override occurred. We store daily totals, credit ledger records, plan and credit balances, and operation identifiers. These server-side usage records do not contain your original prompt text, detected values, local custom terms, or local redaction history.

Security and abuse-prevention data: account or website requests can result in collection of IP address or hashed IP address, user agent, browser language, origin, referrer, selected request headers, authentication and confirmation-attempt records, and hashed anti-abuse signals. During sign-up, a device/browser signal derived from browser and device attributes is sent to our server and stored only as a hash for duplicate-account and abuse controls.

Password reset information: when a password reset is requested for an existing account, we may store the request time, IP address, approximate location supplied by network headers, and a device/browser description in account metadata so the reset email can identify the request.

04

Billing Data

If you start or manage a paid subscription, Stripe processes payment information. PromptHush stores billing-related identifiers and status, including Stripe customer, price, subscription and checkout session identifiers, selected plan, subscription status and period, and cancellation status. PromptHush does not store full payment card numbers.

Before paid checkout, we store your Terms of Service acceptance and checkout audit information, including selected plan, terms version, acceptance time, IP address and hashed IP address, user agent, language, origin, referrer, selected request headers, and associated checkout session identifier when available.

05

How We Use Data

We use local prompt access, local settings, and local history solely to provide detection, warning, redaction, history, export, and configuration features requested through the extension.

We use server-side account, usage, security, and billing data to create and authenticate accounts, issue and revoke extension sessions, deliver account emails, maintain plan entitlements, enforce scan credits, show account dashboard statistics, process and manage subscriptions, prevent fraud or abuse, investigate security issues, provide support, and comply with legal obligations.

06

Data Sharing and Third Parties

We do not sell your personal information and do not use or transfer user data for personalized advertising, retargeting, or interest-based advertising.

Supabase processes and stores account, authentication, database, extension session, usage, security, billing-status, and account email data for PromptHush infrastructure and authentication services.

Stripe receives and processes billing and payment information and receives account and plan identifiers needed to provide checkout, subscriptions, and the billing portal.

Cloudflare Turnstile receives verification data, including a challenge token and IP address when available, when it is used on website sign-up, sign-in, confirmation email, or password reset forms to protect those forms from abuse.

The extension operates within supported third-party AI websites. PromptHush does not separately send your original prompt text to those providers. Text you type into or submit through a third-party website may be processed by that website according to its own privacy terms, which PromptHush does not control.

We may disclose relevant information if required by law or necessary to protect the security, rights, or safety of users, PromptHush, or the public, or as part of a merger, acquisition, or sale of assets subject to continued protection of user data.

07

Storage, Retention, and Deletion

Device-local extension data is stored using Chrome extension storage. Local activity records and redaction history are encrypted with AES-GCM before being stored. You can clear local history through extension controls; removing the extension or clearing its storage also removes device-local extension data. Locally exported files remain wherever you choose to save them.

The extension creates a session that expires after 30 days and is revocable on sign-out. Server-side account, subscription, credit, usage, Terms acceptance, and abuse-prevention records are retained while your account is active and as reasonably necessary to provide the service, maintain security and fraud-prevention records, resolve disputes, enforce agreements, and meet legal, tax, or accounting requirements.

You may request access to or deletion of your PromptHush account data by contacting support@prompthush.com. Deletion requests are subject to records we must retain for legal, security, fraud-prevention, billing, or dispute-resolution purposes.

08

Security Measures

PromptHush uses HTTPS for extension-to-service transmissions, encrypts locally retained activity and redaction history, hashes server-stored extension tokens and certain anti-abuse signals, applies access controls and row-level security to database records, and rate-limits abuse-prone endpoints. No security method eliminates all risk.

09

Chrome Web Store Limited Use Disclosure

The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

PromptHush uses data accessed through Chrome extension capabilities only to provide or improve its single purpose and user-facing privacy protection features, maintain account and subscription functionality, or for security and legal purposes permitted by that policy. We do not transfer that data for advertising and do not allow humans to read prompt content or locally stored sensitive history except when required by law or security purposes, or when you specifically request support involving data you provide.

10

Your Choices and Rights

You can disable or uninstall the extension, clear its local history, manage local custom terms and settings, sign out to revoke extension sessions, and cancel a paid plan through the billing portal. You may also contact us to request account data access, correction, or deletion, subject to applicable law and necessary retention described above.

11

Policy Updates

We may update this policy as PromptHush features or legal requirements change. We will post the updated policy here and revise the last updated date above. Material changes will apply prospectively after notice where required.

12

Contact

For privacy questions, contact the PromptHush operator at support@prompthush.com.
