Privacy Policy

Last Updated: June 4, 2026

At EchoFlow, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how our Chrome extension handles your data.

1. Local-First Architecture

EchoFlow is designed with a local-first architecture. This means:

  • No Account Required: You can use the core features of the extension without creating an account with us.
  • Local Storage: Your configurations, custom prompts, UI theme settings, API keys (e.g., Google Gemini API key), and summary history are stored strictly within your browser's secure local storage (using chrome.storage.local).
  • No Personal Server: We do not own, operate, or maintain any databases or servers to collect, store, or track your reading history or generated summaries.

2. Direct API Integration

To provide AI-powered summaries, EchoFlow connects directly from your browser to the designated AI models:

  • Direct Connection: All summarization requests are sent directly to the official Google Gemini API (or other platforms you explicitly set up) via HTTPS.
  • No Intermediaries: Your data and API keys never route through any third-party intermediary servers hosted by the developers of EchoFlow.
  • AI Provider Policies: Please note that the data sent to Google's Gemini API is subject to Google's terms and privacy policy. We highly recommend using API keys generated via Google AI Studio, as Google outlines that data sent through these keys is not used for model training.

3. Information We Do Not Collect

We do not collect, monitor, track, or share any of the following information:

  • Your browsing history or visited URLs (except when you explicitly trigger the extension to extract the content of the active tab).
  • Your IP address, location, or device configuration details.
  • The contents of the texts, articles, or transcripts you summarize.

4. Optional Firebase Features (Pro Plan)

For users who choose to upgrade to the EchoFlow Pro Plan, we utilize Google Firebase for user authentication and license verification:

  • When you upgrade, your Google OAuth account is verified via Firebase to confirm your active Pro subscription status.
  • This authentication data is used solely for license verification and is handled securely in compliance with Firebase Security Guidelines.

5. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be reflected by updating the "Last Updated" date at the top of this page. We encourage you to review this policy periodically to stay informed about how we protect your privacy.

6. Contact Us

If you have any questions, concerns, or feedback regarding this Privacy Policy or our practices, please feel free to reach out to us through our official GitHub Repository issues page.