Privacy Policy for FormScribe AI

Last updated: July 2025

1. Introduction
Welcome to FormScribe AI (“we”, “our”, “us”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Chrome extension and associated web services (collectively, the “Service”). By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Identity & Contact Data

Email address: Obtained via Google OAuth when you sign in.

Usage Data

Form field metadata: The names, labels, types, and current values (only if you choose to submit them) of HTML inputs on the active tab.

Extension events: Timestamps and success/failure flags for each autofill or parse attempt, used solely for billing/usage tracking.

File & Text Data

Uploaded files or pasted text that you choose to parse and autofill. This information is sent to our backend solely for the purpose of extracting your data and never stored beyond processing.

Payment & Subscription Data

Stripe customer and subscription IDs, and your plan tier. Used to manage billing and credits. We do not store your full payment method details.

3. How We Use Your Information

Core Service: To parse uploaded documents or text, map extracted values to the form fields on your page, and autofill them.

Authentication: To verify your identity (via Google OAuth) and link you to your saved usage/billing data.

Billing & Usage: To allocate and deduct credits against your chosen subscription tier.

Customer Support & Maintenance: To investigate errors, respond to support requests, and send you important notices (e.g. policy updates).

4. Sharing & Disclosure

Stripe: We share only your Stripe customer ID and subscription events to manage your plan.

Google: We use Google’s tokeninfo endpoint to verify your identity token.

Service Providers: We may engage trusted third parties (e.g. hosting, logging, analytics) under strict confidentiality agreements.

Legal Requirements: We may disclose data to comply with applicable laws, enforce our policies, or protect rights, property, or safety.

5. Data Retention

Usage logs: Kept for up to 12 months to support billing disputes and analytics, then purged.

Form metadata snapshots: Stored only as long as you have an active subscription or for up to 30 days post-expiration.

Uploaded files/text: Processed in-memory and never persisted on disk or in our database.

6. Security

All data in transit is encrypted via HTTPS/TLS.

Sensitive tokens (Google OAuth tokens, Stripe signing secret, your database URL) are stored securely in environment variables and never committed to source control.

Access to our databases and servers is limited to authorized personnel only.

7. Your Choices

Sign‑out: You can revoke our access to your Google identity at any time via your Google Account settings.

Cancel subscription: Use our “Manage Subscription” portal link in the extension UI to downgrade to free tier.

Data deletion: Email us at formscribe@1379.tech to request full deletion of your account and associated data.

8. Children’s Privacy
Our Service is not directed to individuals under 13. We do not knowingly collect information from children under 13.

9. Changes to This Policy
We may update this Privacy Policy from time to time. We’ll post the new version on our website and in the extension’s “About” page, with a new “Last updated” date.

10. Contact Us
If you have any questions about this Privacy Policy or our data practices, please email us at formscribe@1379.tech.