Privacy Policy

Your privacy matters. Here's how we protect your data.

Last Updated: January 2025

Privacy-First Promise

Your bookmarks remain in your browser - only titles and URLs are sent to our secure backend for AI organization when you explicitly request it. We process them immediately and discard them after. No browsing history tracking. No data selling. Full transparency.

1. Information We Collect

1.1 Account Information

When you create an account or use our Chrome extension, we collect:

  • Email Address: Used for account identification and communication
  • Payment Information: Processed securely through our payment providers (Stripe or Tranzila). We do not store credit card details on our servers.

1.2 Device Authentication Data

To prevent account sharing and fraud, we collect device fingerprinting data when you authenticate:

  • User agent (browser and operating system information)
  • Screen resolution and color depth
  • Timezone
  • Browser platform
  • Hardware concurrency (CPU cores)
  • Device memory
  • Canvas fingerprint (technical identifier)

Purpose: This data creates a unique device identifier to ensure one account = one device, preventing unauthorized access and account sharing violations.

1.3 Usage Analytics

We use Syterr Analytics (privacy-first analytics service) to understand how users interact with our extension and website. This includes:

  • Pages visited
  • Extension installation and activation events
  • Feature usage patterns
  • Error logs

Note: Syterr Analytics is GDPR-compliant and does not track you across other websites.

1.4 Bookmark Organization Data

When you use the AI organization feature:

  • Bookmark Metadata: Titles and URLs are processed by Anthropic Claude API through our secure backend service for categorization
  • Organized Structure: We temporarily store organization recommendations to display them to you
  • Credit Usage: We track how many bookmarks you've organized to enforce plan limits

Important: Your actual bookmarks remain in your browser. We only process metadata (titles/URLs) through Claude API to generate folder suggestions, then discard them.

2. How We Use Your Information

  • Authentication & Security: Verify your identity, prevent unauthorized access, and enforce one-device-per-account policy
  • Service Delivery: Process bookmark organization requests through Claude API via our secure backend service
  • Billing & Payments: Process payments, issue invoices, manage subscriptions
  • Service Improvement: Analyze usage patterns to improve features and user experience
  • Communication: Send service updates, security alerts, and payment confirmations
  • Fraud Prevention: Detect and prevent account sharing, abuse, and unauthorized access

3. Third-Party Services

We use the following third-party services:

3.1 Anthropic Claude API

Purpose: AI-powered bookmark categorization
Data Shared: Bookmark titles and URLs are sent to Claude API via our secure backend service for AI processing
Privacy Policy: anthropic.com/privacy

3.2 Payment Processors

Stripe: Credit card processing for subscriptions
Tranzila: Alternative payment gateway
Data Shared: Email, payment amount, transaction details
Note: Credit card information is handled directly by these processors, never touching our servers.

3.3 Syterr Analytics

Purpose: Privacy-first website and extension analytics
Data Shared: Page views, events, anonymized usage data
Privacy Policy: syterr.com/privacy

4. Data Storage & Security

  • Database: User accounts and transactions are stored in a secure MySQL database with encrypted connections
  • Passwords: Hashed using bcrypt with individual salts (we cannot see your password)
  • HTTPS: All data transmission is encrypted using SSL/TLS
  • Access Control: Administrative access is protected by secure tokens
  • Backend Security: Our Claude API credentials are stored securely in encrypted server environment variables

5. Data Retention

  • Active Accounts: Retained as long as your account is active
  • Deleted Accounts: Account data is permanently deleted within 30 days of deletion request
  • Transaction Records: Kept for 7 years for legal/tax compliance
  • Bookmark Data: Immediately discarded after organization request is processed (not stored)

6. Your Rights

You have the right to:

  • Access: Request a copy of all data we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request permanent deletion of your account and associated data
  • Export: Download your bookmark organization history
  • Opt-Out: Disable analytics tracking (browser extension settings)

To exercise these rights, contact us at: privacy@sorted-ai.com

7. Cookies & Local Storage

We use:

  • Session Cookies: To keep you logged in (cleared when you close browser)
  • Chrome Extension Storage: To store your authentication state locally in your browser

We do NOT use tracking cookies or share cookie data with third parties.

8. Children's Privacy

Sorted AI is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected data from a child, please contact us immediately.

9. International Data Transfers

Our services are hosted in the United States. By using Sorted AI, you consent to the transfer of your information to the U.S., which may have different data protection laws than your country.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by:

  • Updating the "Last Updated" date at the top
  • Sending an email to your registered email address
  • Displaying a notice in the Chrome extension

Continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this privacy policy:

Bottom Line

We collect minimal data to run the service securely. Your bookmarks stay in your browser. We process them through our secure backend using industry-standard AI. We don't sell data. You can delete everything anytime.