Privacy Policy

Who We Are
Information We Collect
How We Use Your Information
We Do Not Sell Your Data
Data Sharing & Third Parties
Screen & Page Content
Data Retention
Data Security
Your Rights & Choices
Cookies
Children's Privacy
Changes to This Policy
Contact Us

1 Who We Are

Display AI ("we", "us", "our") is a Chrome browser extension that provides an AI-powered sidebar assistant. We are the data controller responsible for personal information collected through our extension and website.

If you have questions about this Privacy Policy, contact us at displayai@outlook.com.

2 Information We Collect

We collect only what is necessary to provide the service.

Information you provide directly:

Account information — your email address and password (stored as a hashed, encrypted value).
Payment information — processed directly by Stripe. We never store your full card number, CVV, or raw payment details.
Support communications — messages you send us for support or inquiries.

Information collected automatically:

Usage data — daily token usage counts to enforce plan limits. We do not log the content of your prompts or AI responses on our servers.
Subscription status — your current plan tier and status from Stripe.
Technical logs — IP address, request timestamps, and HTTP status codes used solely for debugging and security, retained for 30 days.

Stored locally on your device only:

Chat history is stored in Chrome's local extension storage on your device and is never transmitted to our servers.
Your authentication token is stored locally to keep you signed in.

3 How We Use Your Information

We use collected information only to:

Create and manage your account
Process payments and manage your subscription
Enforce daily token usage limits based on your plan
Respond to support requests
Detect and prevent fraud, abuse, or security incidents
Send transactional emails (receipts, subscription updates) — never marketing emails without explicit consent
Improve the reliability and performance of our service

We do not use your data to build advertising profiles, train AI models on your personal queries, or for any purpose beyond providing and operating Display AI.

4 We Do Not Sell Your Data

Display AI does not sell, rent, lease, or trade your personal information to any third party — ever. This applies to all data including your email, usage data, payment information, and any content you interact with through the extension.

We do not engage in data brokering. We do not share your data with advertisers. We do not participate in any arrangement where your personal data is exchanged for money or compensation of any kind.

This is a core principle of Display AI and will not change. If we ever update this policy in a material way, we will notify you by email and give you the option to delete your account before changes take effect.

5 Data Sharing & Third Parties

We share data with third parties only to the minimum extent needed to operate the service:

Stripe — payment processing. Governed by Stripe's Privacy Policy. We receive only subscription status and customer identifiers.
Google Gemini API — your chat messages and optional page context are sent to Google's Gemini API to generate AI responses. Subject to Google's Privacy Policy. We do not store your query content on our servers.
Hosting providers — our backend runs on a third-party cloud provider bound by data processing agreements. They have access only to server infrastructure.

We do not use advertising networks, cross-site analytics platforms, or social media tracking pixels. We may disclose information if required by law or to protect the safety and security of our users.

6 Screen & Page Content

Display AI can optionally read your active tab's content and capture a screenshot, but only when you explicitly enable these features per message using the toggles in the sidebar.

Page context — extracted from the current tab's visible text and sent with your query to Gemini. Not stored on our servers.
Screenshots — captured only when you opt in per message, sent to Gemini for analysis, and not stored on our servers.
We do not perform background screen monitoring or passive data collection of any kind.

You are always in control. Screen reading and screenshot capture are opt-in per message and can be toggled off at any time.

7 Data Retention

Account data — retained while your account is active; deleted within 30 days of account deletion.
Billing records — retained as required for legal and financial compliance (typically 7 years).
Server logs — retained for up to 30 days then automatically deleted.
Chat history — stored only on your local device. Uninstalling the extension or clearing browser storage removes it permanently.

You may request deletion of your account and data at any time by emailing displayai@outlook.com.

8 Data Security

All data in transit is encrypted using TLS (HTTPS).
Passwords are hashed using bcrypt — we never store plain-text passwords.
Authentication uses signed JSON Web Tokens (JWT) with expiration.
Payment processing is handled entirely by Stripe (PCI-DSS compliant).
Access to personal data is restricted to personnel who need it to operate the service.

No method of internet transmission is 100% secure. If you discover a security vulnerability, please report it immediately to displayai@outlook.com.

9 Your Rights & Choices

Depending on your location, you may have the right to:

Access — request a copy of the personal data we hold about you.
Correction — request correction of inaccurate or incomplete data.
Deletion — request deletion of your account and personal data.
Portability — receive your data in a structured, machine-readable format.
Objection — object to certain types of processing.
Withdraw consent — where processing is based on consent, withdraw it at any time.

To exercise any of these rights, email displayai@outlook.com. We respond within 30 days at no charge.

You can cancel your subscription at any time from within the extension sidebar. Cancellation takes effect at the end of your billing period.

EEA / UK users: You have additional rights under GDPR/UK GDPR and may lodge a complaint with your local data protection authority.

California residents: Under the CCPA you have the right to know, delete, and opt out of the sale of personal information. We do not sell personal information, but all other CCPA rights are fully honored.

10 Cookies

We do not use tracking cookies or advertising cookies.
We do not use any third-party analytics that track you across websites.
Authentication tokens are stored in Chrome's extension local storage, not browser cookies.

11 Children's Privacy

Display AI is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe your child has provided us with personal data, contact us at displayai@outlook.com and we will delete it promptly. Users between 13 and 18 should use the extension only with parental consent.

12 Changes to This Policy

When we update this policy we will update the "Last updated" date above and notify registered users by email of any material changes before they take effect. For significant changes, we will give at least 30 days notice and give you the option to delete your account. Continued use after changes constitutes acceptance.

13 Contact Us

For any questions, concerns, or data requests:

Email: displayai@outlook.com
Response time: We aim to reply within 1–2 business days.

Questions about your privacy?

We're happy to explain anything in plain English.

Contact Support →

We do not sell your data. Ever.

Table of Contents