Privacy Policy.
How ReadToRecall collects, uses, stores, and protects your personal information — written to reflect how the product is actually built, not boilerplate.
This Privacy Policy explains what personal information ReadToRecall (the “Service”), operated by Daniel Li (“we,” “us,” or “our”), collects from you, why we collect it, who we share it with, and the choices you have. It applies to the ReadToRecall Chrome extension, the readtorecall.com website, and our backend APIs.
Contents
- Overview and Scope
- Information We Collect
- How We Collect Information
- How We Use Information
- AI Processing (Google Gemini)
- Third-Party Services
- Cookies, Local Storage, and Tracking
- Chrome Extension Permissions
- What We Do Not Collect
- Data Retention
- Security
- Your Privacy Rights
- Children’s Privacy
- International Data Transfers
- Changes to This Policy
- Contact Us
1. Overview and Scope
This Policy applies whenever you interact with ReadToRecall — for example, when you install the Chrome extension, sign in with Google, generate summaries or flashcards, subscribe to a paid plan, or visit our marketing pages. It does not apply to third-party websites or services we link to, or to content you summarize that comes from third parties.
By using ReadToRecall, you agree to the practices described here. If you do not agree, please do not install the extension or create an account.
2. Information We Collect
We collect only the information we need to run the Service. The table below lists every category we store on our servers.
Account information
| Field | Source | Why we have it |
|---|---|---|
| Email address | Google Sign-In | Account identifier, login, billing receipts, account notifications. |
| Display name & profile picture URL | Google Sign-In | Shown in the extension’s profile area. The picture itself is loaded from Google’s URL on demand; we store only the URL via the Django allauth library. |
| Username | Auto-generated from your email’s local part (you can change it in settings) | Internal identifier; displayed in profile. |
| Google account identifier (“sub”) | Google Sign-In | Stable link between your Google identity and your ReadToRecall account. |
| Account created / last updated timestamps | Generated server-side | Operational records. |
Subscription and billing information
| Field | Source | Why we have it |
|---|---|---|
| Plan (free / standard / pro) | Stripe webhook | Determines what features and limits you can use. |
| Usage counters (e.g. summaries used this period) | Generated server-side | Enforces per-plan limits; reset each billing period. |
| Current billing period start / end | Stripe webhook | Drives quota resets and renewal display. |
| Stripe customer ID, subscription ID, price ID | Stripe | Links your account to Stripe so we can read your subscription state. These are opaque identifiers, not card data. |
| Cancellation flag, payment-problem reason, payment-problem timestamp | Stripe webhook | Surfaces in-app banners (“your last payment failed”, “plan ends on date”). |
| Pending checkout session (Stripe session ID + URL + expiry) | Generated when you start checkout | Lets us resume an in-progress checkout. Auto-expires. |
| Stripe event ID + event type (idempotency log) | Stripe webhook | Prevents us from processing the same webhook twice. We do not store the full webhook payload. |
Your credit card number, expiry date, CVV, and billing address are collected and stored by Stripe, not by us. We never see or store full card details.
Technical information
When your browser talks to our servers we automatically receive:
- Your IP address, user-agent string, request method, path, status code, and timestamp — standard web-server log fields used for security, debugging, and abuse prevention.
- Authentication cookies (see §7).
We use Google Analytics on the readtorecall.com marketing website to measure aggregate traffic (page views, referral sources, geography). Google Analytics may set its own cookies; see Google’s cookie policy for details. We do not run analytics, advertising trackers, fingerprinting scripts, or session-replay tools inside the Chrome extension or on the backend API.
3. How We Collect Information
- From Google, when you sign in with Google Sign-In and consent to share your profile and email scopes.
- From Stripe, via webhooks fired when you start a checkout, complete a payment, change a plan, or cancel.
- From your browser, when the extension calls our API to generate a summary, refresh authentication, or fetch your profile.
- From the page you are actively viewing, when you click the extension icon — the extension extracts the readable text of that page, that PDF, or that YouTube transcript and sends it to our backend for the duration of one request.
4. How We Use Information
We use the information described in §2 to:
- Authenticate you and keep your session active.
- Generate summaries, flashcards, quizzes, and action items in response to your requests.
- Enforce per-plan usage limits and surface your current usage in the UI.
- Process subscriptions, renewals, and cancellations via Stripe; show you billing status and payment-problem alerts.
- Keep the Service running — debug errors, defend against abuse, and respond to legal requests.
- Communicate with you about your account, security issues, material changes to the Service, and billing.
We do not use your information to build advertising profiles, sell to third parties, or train AI models.
5. AI Processing (Google Gemini)
When you generate a summary, flashcards, a quiz, or action items, the extension extracts the relevant content from the page, PDF, or YouTube transcript you are viewing and sends it to our backend. Our backend then sends that text to Google Gemini through the official Gemini API to generate the AI output, which is returned to your browser.
We do not pass your account email, name, IP address, or any other personal identifier to Gemini along with the content. Gemini sees the text to be processed and an API key that identifies us, not you. Google’s handling of API requests is governed by the Gemini API Terms of Service and Google’s privacy policies, which may include short-term logging for abuse prevention and service quality. We do not control those practices.
The text you send for processing may include personal information (yours or other people’s) if the page, PDF, or transcript contains it. Do not summarize content you do not have the right to process, and avoid sending sensitive information you would not want a third-party AI provider to see.
6. Third-Party Services
The Service relies on these third parties. We disclose only the data necessary to use their service.
| Provider | Purpose | What it sees |
|---|---|---|
| Google (Sign-In) | Authentication via OAuth | That you signed in. Returns your name, email, profile picture URL, and Google account ID to us. |
| Google (Gemini API) | AI processing for summaries, flashcards, quizzes, action items | The text content you submitted for that request, plus our API key. No user identity. |
| Stripe | Payments, subscriptions, billing portal | Your name, email, billing address, payment card details, and transaction history. Stripe is the payment data controller. |
| Google Chrome Web Store | Distribution of the extension | Install / uninstall events, aggregate usage and crash stats reported by Chrome. |
| YouTube | Access to public video transcripts | Standard request data when our backend fetches a public transcript URL. |
| Hosting / infrastructure providers | Run our servers and database | Encrypted traffic between you and our backend; database storage of the records in §2. |
Each of these providers has its own privacy policy that governs how they handle your information.
7. Cookies, Local Storage, and Tracking
Cookies set by our backend
| Cookie | Purpose | Lifetime / properties |
|---|---|---|
| access_token | Short-lived JWT used to authenticate API calls. | 15 minutes. HTTP-only, Secure (in production), SameSite=None. |
| refresh_token | Lets the extension renew your access token without re-logging in. | 1 day. HTTP-only, Secure (in production), SameSite=None, path scoped to /api/token/refresh. Blacklisted on rotation and logout. |
| csrftoken | Django’s Cross-Site Request Forgery token. Required to make mutating requests. | Set by Django. HTTP-only, Secure (in production), SameSite=Lax. |
| sessionid | Temporarily used during the Google Sign-In handshake, then immediately cleared once JWT cookies are issued. | Cleared at the end of the social-login flow. |
We do not use cookies for advertising or cross-site tracking. Google Analytics, used on the marketing website, sets its own cookies to measure traffic; those cookies are not set inside the Chrome extension. We do not use Meta Pixel or any comparable advertising tracker.
Local storage in your browser
The extension uses your browser’s localStorage to keep the Service usable offline and to avoid sending data we don’t need to. Items stored locally include:
- Settings — theme, language, summary format and length, font size, currency, quiz difficulty, last page viewed.
- Current session (current-session) — the URL you are currently summarizing and any flashcards / quiz already generated in this tab.
- History (user-history) — a map of past summaries, flashcards, and quizzes keyed by your email (or anonymous if you are not signed in). This is stored only in your browser. It is never transmitted to our backend.
No authentication or account data is stored in local storage. Your identity and session are managed entirely through HTTP-only cookies (see above); the extension does not persist tokens, profile information, or login state in localStorage.
You can clear any of these at any time using your browser’s “Clear site data” control, or by uninstalling the extension. Clearing local storage does not delete your account on our servers.
8. Chrome Extension Permissions
The ReadToRecall Chrome extension requests the smallest set of permissions necessary to function:
- activeTab — lets the extension read the current tab’s content only when you click the extension icon. It does not give us access to other tabs, your browsing history, or your bookmarks.
- scripting — lets the extension inject the script that extracts readable text from the page you are summarizing.
- Host permissions — https://readtorecall.com/* (our backend), so the extension can make authenticated API calls to generate summaries, flashcards, and quizzes.
The extension does not request, and therefore cannot access, the tabs, webNavigation, cookies, browsingHistory, bookmarks, storage (extension-scoped), nativeMessaging, or downloads permissions.
9. What We Do Not Collect
We have deliberately built the Service to minimize what we know about you. We do not collect or store:
- The full content of webpages, PDFs, or YouTube transcripts you summarize — that content is processed transiently in memory and not written to our database.
- The summaries, flashcards, quizzes, or action items you generate — those are returned to your browser and stored only in your local storage.
- The URLs you have visited or summarized, beyond the single request currently being served.
- Your credit card number, expiry, CVV, or billing address (Stripe holds these).
- Your contacts, calendar, files, location, microphone, or camera.
- Browsing history outside of pages you actively summarize.
- Behavioural analytics, advertising profiles, or biometric identifiers.
10. Data Retention
- Account records (email, username, Google profile, Stripe IDs, subscription state) are kept for as long as your account exists, plus a short window after deletion for backup expiry and accounting/tax purposes.
- Stripe-related records are also retained by Stripe under its own policies and applicable financial-records laws.
- Usage counters reset at the start of each billing period; historical counters are not retained beyond the current period.
- Pending checkout sessions auto-expire shortly after creation.
- Server logs (request metadata, errors) are retained for a limited operational period (typically up to 90 days) and then rotated out.
- Locally stored data (settings, history, session) persists in your browser until you clear it or uninstall the extension. We have no copy.
11. Security
We take reasonable technical and organizational measures to protect your data:
- All traffic between your browser and our backend is encrypted in transit (HTTPS / TLS).
- Authentication uses HTTP-only JWT cookies; access tokens are short-lived and refresh tokens are blacklisted on rotation and logout.
- All state-changing API calls require a CSRF token.
- Strict transport security, content-type sniffing protection, secure referrer policy, and same-origin opener policy are enforced in production.
- Card data never reaches our servers — Stripe handles payment input directly.
- Stripe webhook payloads are signature-verified, and webhook events are de-duplicated by event ID.
- Access to production systems is limited to the operator (Daniel Li).
No system is perfectly secure. If we become aware of a data breach affecting your information, we will notify you and applicable regulators as required by law.
12. Your Privacy Rights
Depending on where you live, you may have some or all of the following rights regarding the personal information we hold about you:
- Access — request a copy of the information we hold about you.
- Correction — correct inaccurate or incomplete information.
- Deletion — ask us to delete your account and the personal information tied to it. We may retain limited records where required by law (for example, transaction records for tax purposes).
- Portability — receive a machine-readable copy of your account information.
- Withdraw consent — revoke the Google permissions you granted from your Google Account settings.
- Complaint — lodge a complaint with your local data protection authority.
To exercise any of these rights, email us at [email protected] from the email address tied to your account. We will respond within the timeframes required by applicable law (typically 30 days).
13. Children’s Privacy
ReadToRecall is not directed to children under 13, and we do not knowingly collect personal information from children under 13. Older minors may use the Service only if permitted by their local digital-consent law and, where required, with the involvement of a parent or guardian. If you believe a child under 13 has provided us with personal information, please contact us so we can delete it.
14. International Data Transfers
Our backend is operated from Canada, our payment processor (Stripe) operates globally, and our AI provider (Google Gemini) operates from the United States and other regions. If you use the Service from outside these jurisdictions, your information will be transferred to and processed in countries whose data-protection laws may differ from those of your country. By using the Service you consent to those transfers.
15. Changes to This Policy
We may update this Policy from time to time to reflect changes in the Service, our practices, or the law. The “Last updated” date at the top of this page reflects the most recent revision. For material changes, we will provide notice by email and/or via an in-app banner at least 14 days before the new Policy takes effect. Continued use of the Service after that date constitutes acceptance.
16. Contact Us
For privacy questions, data requests, or to report a concern, contact:
Daniel Li — ReadToRecall
[email protected]
For our full legal terms, see the Terms & Conditions.