Privacy Policy for AnkiBrain Last updated: July 24, 2023 This Privacy Policy describes how your personal information is collected, used, and shared when you use AnkiBrain (the "Extension"). There are two modes of usage in the Extension, which are Server Mode and Local Mode. 1. Personal Information We Collect When you use the Extension in Local Mode, we do not collect any information about you, your device, or anything else. The Extension, when used in Local Mode, does not communicate with AnkiBrain servers, nor any other external servers with the exception of the OpenAI servers (relevant policy can be found at https://openai.com/policies/privacy-policy) and the Python PIP package repository (https://www.python.org/privacy/). Usage of the Extension is subject to the Anki privacy policy as well (https://ankiweb.net/account/privacy#:~:text=The%20cards%20and%20associated%20media,emails%20related%20to%20your%20account) and terms and conditions (https://ankiweb.net/account/terms). When you use the Extension in Server Mode, basic information is collected about you for necessary function of the Extension. Information that is collected is limited to the following items and no others: - Email address - Password (stored as a cryptographically secure hash, not in plaintext) - Customer ID (used for Stripe payment vending) - List of the names of documents that have been uploaded Contents of the documents that are uploaded to the Extension servers are stored in an embedded vector database operated by Pinecone Systems, Inc. (https://www.pinecone.io/privacy/). The contents are not stored on the Extension's servers. Adding balance to the account operated under the Extension is done using financial systems operated by Stripe, Inc. (https://stripe.com/privacy). Payment information is never stored on the Extension servers. We collect this information using the following technologies: - Information is collected at Sign Up and during usage of the Extension. 2. How Do We Use Your Personal Information? We use the personal information we collect from you to: Provide, operate, and maintain the Extension; Communicate with you, directly, including for customer service, to provide you with updates and other information relating to the Extension; Send you emails; Find and prevent fraud; and For compliance purposes, including enforcing our Terms of Service, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency. 3. Sharing Your Personal Information We do not share any of your personal information with third parties with exception of those third parties mentioned above (Stripe, Pinecone, OpenAI) for necessary function of the Extension in Server Mode. In Local Mode, your information is shared with OpenAI only. Finally, we may also share your personal information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights. 4. Your Rights If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Extension), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States. 5. Changes We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. 6. Contact Us For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at ankibrain@rankmd.org and expect a reply within 3-7 business days.