Privacy Policy for AnkiLingoFlash

1. Data Collection and Usage:
• User Data: The extension collects user data, including user IDs, usernames, and email addresses, when you sign in using Google OAuth. This data is stored remotely on Cloudflare Workers and is used to personalize your experience, such as tracking the number of flashcards you have generated.
• Flashcard Data: The extension tracks the number of flashcards you generate. This information is stored on Cloudflare Workers and is used to manage your usage limits.
• API Keys: If you choose to use your own OpenAI API key, it is stored locally in your browser’s storage in an encrypted form. The key is only used to interact with OpenAI’s services for generating flashcards.

2. Data Storage:
• Remote Storage on Cloudflare Workers: User data, including your name, email address, user ID, and flashcard generation count, is stored remotely on Cloudflare Workers. This allows the extension to manage and persist your data across sessions and devices.
• Local Storage: Your OpenAI API key is stored locally in your browser’s storage in an encrypted format. No sensitive data like API keys are stored on Cloudflare Workers.

3. Third-Party Services:
• Google OAuth: The extension uses Google OAuth for authentication. When you log in, your Google profile information, such as your email and name, may be accessed and stored on Cloudflare Workers.
• OpenAI API: For generating flashcards, the extension interacts with the OpenAI API. Depending on your configuration, requests may be sent to OpenAI’s servers using your API key or using a shared API key provided by the extension.

4. Data Sharing:
• The extension does not share your personal data with third parties, except for necessary interactions with Google (for OAuth authentication), OpenAI (for generating flashcards), and Cloudflare Workers (for data storage). Your data is not sold or used for any other purpose.

5. Data Security:
• Encryption: Sensitive data such as your OpenAI API key is encrypted before being stored locally. Data transferred to and from Cloudflare Workers is secured using standard encryption protocols (HTTPS).
• Security Measures: The extension employs industry-standard security practices to protect your data during transmission and while it is stored, both locally and remotely. However, the security of your data also depends on the overall security of your browser and device.

6. User Rights:
• Access and Management: You have the right to access the data stored by the extension through your browser’s storage settings. Data stored remotely on Cloudflare Workers can be accessed and managed through the extension interface.
• Data Deletion: You can delete your data by uninstalling the extension, which will remove local data. For remote data stored on Cloudflare Workers, you can contact support for deletion requests.

7. Changes to This Policy:
• Any changes to this privacy policy will be communicated through updates to the extension. It is your responsibility to review the updated policy.

8. Contact Information:
• If you have any questions or concerns regarding this privacy policy, you can contact us at support@ankilingoflash.com.