Legal

Privacy Policy

Effective May 30, 2025

This Privacy Policy explains what information Panopt. collects, how we use it, and the choices you have. It applies to the Panopt. browser extension, this website, and any related services (collectively, the "Service"). By using the Service, you agree to the practices described here.

1. Information We Collect

Account information

When you create an account, we collect your email address and a hashed password. If you sign in via a third-party provider (e.g. Google), we receive your name and email from that provider.

Payment information

Subscription payments are processed by Stripe. We never see or store your full card number — Stripe handles all payment card data and provides us only with a token, the last four digits of your card, and your billing status.

Images you process

When you use the extension to generate alt text, the image (or a reference to its URL) is sent to our servers and forwarded to a third-party AI model for processing. We do not permanently store the images you submit. Processed images are retained in transit only for the time needed to return a result, then discarded.

Usage data

We collect basic logs about how you use the Service — for example, the number of alt text requests made, error events, and extension version. This helps us maintain reliability and understand which features are useful. We do not record the content of the pages you visit.

Device and browser information

We may receive your browser type, operating system, and extension version when you interact with our servers. We do not fingerprint your device or track you across websites outside of the extension's normal operation.

2. How We Use Your Information

We use the information we collect to:

  • Provide and operate the Service, including generating alt text on request.
  • Manage your account and subscription.
  • Send transactional emails (account confirmation, billing receipts, password resets).
  • Diagnose bugs and improve reliability.
  • Prevent abuse and enforce our Terms of Service.
  • Comply with legal obligations.

We do not sell your personal information. We do not use your data for advertising or share it with third parties for their own marketing purposes.

3. Third-Party Services

We share data with the following third parties only to the extent necessary to operate the Service:

  • Supabase — provides our database and authentication infrastructure. Your account data is stored on Supabase-hosted servers.
  • Stripe — handles payment processing. Your payment card data goes directly to Stripe and is governed by Stripe's Privacy Policy.
  • Anthropic — provides the AI model used to generate alt text. Images you submit are forwarded to Anthropic's API for processing and are subject to Anthropic's Privacy Policy. Anthropic does not use API inputs to train its models by default.

4. Cookies and Local Storage

The extension stores your authentication token and preferences locally in your browser using extension storage APIs. This data stays on your device and is not transmitted to us except as part of authenticated API requests.

This website uses no third-party tracking cookies or analytics scripts.

5. Data Retention

We retain your account information for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or financial record-keeping purposes (e.g., billing records are kept for up to 7 years as required by law).

6. Your Rights and Choices

Depending on where you live, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data.
  • Object to or restrict certain processing.
  • Receive a copy of your data in a portable format.

To exercise any of these rights, email us at karellehofler@gmail.com. We will respond within 30 days. You may also delete your account directly from the extension dashboard, which will trigger deletion of your account data.

7. Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), hashed passwords, and access controls on our backend systems. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Children's Privacy

The Service is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. International Transfers

Panopt. is operated from the United States. If you access the Service from outside the US, your data may be transferred to and processed in the US, where data protection laws may differ from those in your country. By using the Service, you consent to this transfer.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a notice in the extension. The "Effective" date at the top of this page reflects the date of the most recent revision. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

11. Contact

If you have questions or concerns about this Privacy Policy, email us at karellehofler@gmail.com.