Privacy Policy
TokenEyez reads only API metadata (token counts, model names, timestamps) — never the content of your prompts or AI responses. Your conversations stay private. We use Supabase for authentication and store usage statistics (numbers, not text) so you can see your usage across devices.
We do not sell, trade, or rent your personal information to anyone. We do not use your data for advertising, profiling, or any purpose other than providing and improving the core TokenEyez functionality.
1. Single Purpose
TokenEyez is a specialized tool for tracking and optimizing AI token usage across supported AI platforms (Claude, ChatGPT, Gemini, and Perplexity). The extension's sole purpose is to help users see their AI consumption in real time, sync usage statistics across their devices, and reduce token spend through AI-powered prompt suggestions. The extension does not perform any function unrelated to this purpose.
2. Who we are
TokenEyez ("we", "us", "our", or "the service") is a browser extension and accompanying web service operated from Israel. The service is provided by the developer of TokenEyez (contact below). For any privacy-related question, complaint, or data request, you can reach us at:
- Email: tokeneyezofficial@gmail.com
- Response time: within 1 business day
3. Information we collect
3.1 Account data (when you create an account or sign in):
- Email address (provided by you at signup or via Google OAuth)
- Password — collected only when you choose to sign up or sign in with an email address and password (rather than Google OAuth). Your password is transmitted over HTTPS directly to our authentication processor, Supabase Auth (see Section 8), which stores it as a one-way bcrypt hash. TokenEyez itself never stores your password in plaintext, never logs it, and never transmits it to any third party other than Supabase Auth for the sole purpose of authenticating you. The browser extension and dashboard never write your password to local storage. If you sign in with Google OAuth, no password is ever collected by TokenEyez.
- Display name, if you choose to set one
- Account creation timestamp
- Subscription tier (Free / Pro / Teams)
- Authentication tokens (JWT and refresh token) issued by Supabase Auth after successful sign-in — stored locally in your browser only, used solely to keep you signed in
Password handling — full transparency:
- What is collected: The password string you type into the TokenEyez sign-in or sign-up form (only on the email/password path).
- How it is transmitted: Over HTTPS (TLS 1.2+) directly to vopzshwpxmzryosfguac.supabase.co — the Supabase Auth endpoint that backs our authentication.
- How it is stored: As a salted bcrypt hash inside Supabase's managed authentication database. The plaintext is discarded immediately after hashing and is never written to disk.
- What we do NOT do with it: We do not email it, we do not show it back to you, we do not share it with any analytics provider, ad network, or other third party. It is used solely to verify your identity when you sign in.
- How to delete it: When you delete your account (see Section 9), Supabase deletes the password hash along with your account record.
3.2 Usage statistics (when you use supported AI platforms):
- Platform name (e.g., "claude", "chatgpt", "gemini", "perplexity", "cursor")
- AI model identifier as exposed by the platform (e.g., "claude-sonnet-4-6")
- Numeric token counts: input tokens, output tokens, cache tokens
- Calculated cost in USD (derived from public model pricing)
- Timestamp of the interaction
- Source flag: whether the count is "real" (from API response) or "estimate" (from local tokenizer)
3.3 Optimization events (only when you click ✦ Rephrase):
- Numeric token counts before and after optimization
- Model name used for the analysis
- Whether you accepted the proposed rewrite (boolean)
- Latency of the analysis
3.4 Per-platform plan (only if you choose to enter it):
- The subscription plan you have on each AI platform (e.g., Claude Pro, ChatGPT Plus) — provided by you in the dashboard
- The monthly price you pay (optional, for ROI display)
- Your billing cycle start day (optional, for accurate alerts)
3.5 Information we DO NOT collect:
- The text content of your prompts to AI platforms
- The text content of AI responses
- Conversation history or conversation IDs
- Files, images, or attachments you upload to AI platforms
- Your AI account credentials, passwords, or session cookies for any third-party AI platform (Claude, ChatGPT, Gemini, Perplexity, Cursor). We collect a password only when you sign in to TokenEyez itself via the email/password path — see Section 3.1 above for full details.
- Your IP address (we don't log it server-side)
- Browser fingerprinting data, advertising IDs, or behavioral tracking signals
- Personal communications, contacts, location, financial details (other than billing tier), health information, or any "sensitive personal information" as defined by GDPR/CCPA
4. Chrome Extension Permissions
The TokenEyez extension requests the minimum permissions necessary to perform its single purpose. Each permission is used solely as described:
- storage — Used to save your local preferences (overlay on/off, theme, history toggle), cached usage statistics for instant rendering of the popup, and your authentication session token. All storage data lives on your device only and is never transmitted except in support of the cross-device sync described in Section 5.
- alarms — Used solely to schedule a low-frequency local cleanup task that purges historical entries older than 30 days from local storage to keep the extension lightweight.
- Host permissions for https://claude.ai/*, https://chatgpt.com/*, https://chat.openai.com/*, https://gemini.google.com/*, and https://www.perplexity.ai/* — Required so the extension's content scripts can run on these AI platforms and detect token counts as you interact with them. The extension reads only API response metadata (token counts, model names) and DOM text length on these pages. It does not transmit page contents anywhere except as described in Section 3.
- Host permission for https://tokeneyez.tre-lab.com/* — Required for the extension to communicate with our own backend (authentication, syncing your usage statistics, optional prompt analysis). This is our service domain only.
The extension does not request: history, tabs (full URL access), cookies, webRequest, bookmarks, downloads, or any other permission that could expose data unrelated to its single purpose.
5. The Prompt Intelligence (✦) feature
When, and only when, you click the ✦ button next to your prompt, TokenEyez sends the specific prompt text you wrote to our backend (tokeneyez.tre-lab.com/api/analyze), which then forwards it to Anthropic's Claude Haiku model for efficiency analysis. The prompt is processed for the duration of the analysis (typically under 3 seconds) only.
- We do not store the text of the prompt in any database, log file, or persistent storage.
- We store only numeric metadata about the analysis: prompt length in characters, returned score, latency, and the user_id of the requester.
- Anthropic's API is invoked with their default no-training settings; your prompt is not used by Anthropic to train AI models.
- This feature is opt-in per-prompt — it only activates on your explicit click and is never triggered automatically.
6. How we use information
We use the information described above strictly to:
- Display your usage statistics in the extension popup and the web dashboard
- Sync your statistics across your devices while signed in
- Enforce free-tier daily quotas and Pro/Teams entitlements
- Calculate utilization against the AI subscription plan you (optionally) declared, and send threshold-based alert emails (25/50/75/95% of plan) if you've enabled them
- Process your subscription payments via Paddle (Section 8)
- Provide the optional Rephrase / Prompt Intelligence feature on click
- Aggregate fully anonymized usage trends (no per-user data) to improve the service over time
We do NOT use your data for:
- Advertising, retargeting, or building advertising profiles of users
- Training, fine-tuning, or evaluating any AI model
- Selling, trading, renting, or transferring to data brokers, marketing partners, or any third party for their independent use
- Any purpose unrelated to the single purpose described in Section 1
7. How we share information
Data Disclosure and Non-Sale Statement. We do not sell, trade, or rent user personal identification information to third parties. User data is not used for any purposes other than providing and improving the core functionality of the TokenEyez extension. We do not use or share user data for advertisement purposes, including personalized, re-targeted, or interest-based advertising.
We share information only with the limited set of service providers strictly required to operate the service ("data processors"), and only the minimum data required for each provider's role:
- Supabase, Inc. — Hosts our PostgreSQL database and authentication service. Receives: account email, password hash, usage statistics, optimization events, and (optional) per-platform plan data. Privacy policy: supabase.com/privacy.
- Vercel Inc. — Hosts our backend API and static website. Processes API requests in transit. Privacy policy: vercel.com/legal/privacy-policy.
- Anthropic, PBC. — Provides the Claude Haiku model used by the optional Rephrase feature. Receives only the prompt text you click ✦ on, only at the moment you click, only for the duration of the analysis. Anthropic's API is configured no-train. Privacy policy: anthropic.com/legal/privacy.
- Paddle.com Market Limited — Acts as Merchant of Record for our paid subscriptions. Receives your billing email, country, and payment instrument data. We never see your full card number. Privacy policy: paddle.com/legal/privacy.
- Loops Inc. — Sends transactional alert emails (subscription utilization thresholds, account notices). Receives only your email and the variables embedded in the alert (e.g., platform name, percentage). Privacy policy: loops.so/privacy.
We may also disclose information if required to do so by law, court order, or other valid legal process, and only to the extent strictly necessary to comply.
8. Payments
Pro and Teams subscriptions and one-time top-up purchases are processed by Paddle.com Market Limited as our Merchant of Record. Paddle handles all aspects of payment processing, including the collection and storage of your credit card or other payment instrument details. We never see your full card number, CVV, or bank account details. We receive only the minimum information needed to fulfill your subscription: your email, the plan purchased, and a Paddle customer ID.
9. Where data lives (storage and security)
- On your device: Local preferences and a cached snapshot of your usage statistics, stored via chrome.storage.local. Cleared when you uninstall the extension.
- Supabase (EU region, PostgreSQL): Account profile, subscription record, numeric usage events, daily aggregates, optimization events, per-platform plan declarations. Protected by Row Level Security — each user can read only their own rows.
- Vercel (US/EU edge): Transient processing only — API requests are not persisted server-side beyond the duration of the request.
- Anthropic API (US): Prompt text passes through only when ✦ Rephrase is invoked, and is not retained.
- Paddle (global): Billing data only.
- Loops (US): Email address and per-alert metadata only.
Data in transit is protected by TLS 1.2+. Data at rest in Supabase is encrypted by the provider. Authentication uses Supabase Auth with industry-standard JWTs and password hashing (bcrypt). API service role keys are stored only in our backend's environment variables, never in extension code.
10. Cookies and tracking
The TokenEyez browser extension uses no cookies. The TokenEyez website (tokeneyez.tre-lab.com) uses no third-party analytics, no advertising tags, no tracking pixels, and no marketing cookies. Sign-in on the website uses a JSON Web Token (JWT) stored in browser localStorage; this is functional storage required to keep you signed in and is not used for tracking.
11. Your rights
Regardless of where you reside, you have the right to:
- Access the personal data we hold about you — request a JSON export at tokeneyezofficial@gmail.com.
- Correct inaccurate or incomplete data — sign in to your dashboard or email us.
- Delete your account and all associated data — email us; we delete within 30 days.
- Restrict or object to specific processing activities (e.g., disable email alerts, opt out of cross-device sync by signing out).
- Data portability — your JSON export is in a structured, commonly used machine-readable format.
- Withdraw consent at any time, where processing is based on consent.
- File a complaint with a supervisory authority — for EU residents, your local DPA; for California residents, the California Attorney General.
For California residents (CCPA): we do not sell your personal information. We have not sold personal information in the preceding 12 months. We do not knowingly collect personal information of users under 16.
12. Data retention
- Free accounts: Raw usage events kept for 7 days, daily aggregates for 30 days. Older raw events are automatically purged by a daily server-side cron.
- Pro accounts: Raw usage events kept for 3 years; daily aggregates retained indefinitely while the subscription is active.
- Teams accounts: Raw usage events kept for 5 years; daily aggregates retained indefinitely while the subscription is active.
- Account profile retained while the account is active. After deletion request, removed within 30 days.
- Billing records may be retained longer where required by tax or accounting law (typically 7 years).
13. Google API Services User Data Policy compliance
TokenEyez's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
The TokenEyez extension does not currently use any Google APIs that require OAuth scopes; it operates only via host_permissions on gemini.google.com to read DOM token counts in the same manner as it does for other AI platforms. If we add any future feature that requires a Google OAuth scope, we will update this policy and the extension's permission disclosures before doing so.
14. Children's privacy
TokenEyez is not directed to or intended for users under 16 years of age. We do not knowingly collect personal information from anyone under 16. If you believe a minor has provided us with personal information, please contact us and we will delete it.
15. International data transfers
Some of our service providers (Vercel, Anthropic, Paddle, Loops) are located in or operate from the United States. By using TokenEyez, you consent to your data being transferred to and processed in jurisdictions outside your country of residence. We ensure appropriate safeguards are in place via the contractual terms of each processor and reliance on their respective compliance frameworks (e.g., Standard Contractual Clauses, where applicable).
16. Security incident response
If we become aware of a data breach affecting your personal information, we will notify affected users by email within 72 hours of discovery, in accordance with GDPR Article 33 timelines, and will report to the relevant supervisory authority where required.
17. Changes to this policy
We may update this Privacy Policy from time to time. Material changes (changes that meaningfully affect what we collect or how we use your data) will be communicated via email to all registered users at least 14 days before they take effect. Minor clarifications, formatting changes, and corrections may be published without prior notice. The "Last updated" and "Effective" dates at the top of this policy reflect the most recent version.
18. Contact
If you have any questions about this Privacy Policy, your rights, or how we handle your data, please contact:
- Email: tokeneyezofficial@gmail.com
- Subject line for privacy requests: "Privacy Request" (helps us route faster)
- Response time: within 1 business day