Privacy Policy
Last updated: January 15, 2026
Effective date: January 15, 2026
1. Introduction
Welcome to Auto Directory Submission ("we," "our," or "us"), operated by Maxime Marsal. We are committed to protecting your privacy and ensuring you have a positive experience when using our Chrome extension and services.
This Privacy Policy explains how we collect, use, store, share, and safeguard your information when you use our Chrome extension ("Extension") and related website and services (collectively, "Services").
By using our Services, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
2.1 Personal Information You Provide
When you use our Services, you may provide:
- Account Information: Email address and display name when you register via Google Sign-In or email registration.
- Company/Product Profiles: Business name, description, website URL, contact information, and other details you enter. This data is stored locally on your device.
- Images: Company logos and product screenshots you upload for form auto-filling. These are stored locally in your browser using IndexedDB.
- Payment Information: When you subscribe to a paid plan, payment is processed by Stripe. We do not store your credit card details.
2.2 Information Collected Automatically
- Authentication Tokens: Temporary Firebase authentication tokens stored in your browser for API access.
- Usage Statistics: Anonymized data about feature usage (e.g., number of forms filled) to improve our service.
- Credit Balance: Your remaining AI credits, stored in our database.
- Subscription Status: Your current plan and subscription status.
2.3 Information We Do NOT Collect
- We do NOT collect or store the content of forms you fill out on third-party websites
- We do NOT track your browsing history or visited URLs
- We do NOT collect data from forms you don't explicitly auto-fill
- We do NOT access or read your emails
- We do NOT sell, rent, or trade your personal information
3. How We Use Your Information
We use the information we collect for the following purposes:
3.1 To Provide Our Services
- Authenticate your identity and manage your account
- Process AI-powered form auto-fill requests using your company profile
- Track your credit usage and subscription status
- Provide customer support
3.2 To Improve Our Services
- Analyze usage patterns to improve features
- Fix bugs and technical issues
- Develop new features
3.3 To Communicate With You
- Send account verification emails
- Send important service updates and security alerts
- Respond to your support requests
4. Data Storage
4.1 Local Storage (On Your Device)
The following data is stored locally on your device and never transmitted to our servers:
- Company Profiles: Stored in Chrome's local storage API
- Images: Stored in IndexedDB in your browser
- Extension Preferences: Settings like floating button visibility
You can delete this data at any time by clearing your browser data or uninstalling the extension.
4.2 Cloud Storage (On Our Servers)
The following data is stored on our secure servers:
- Account Information: Email, display name, account creation date
- Subscription Data: Plan type, billing cycle, subscription status
- Credit Balance: Your remaining AI credits
- Authentication Data: Encrypted authentication tokens
4.3 Storage Location
Our cloud data is stored on Google Cloud Platform (Firebase) servers located in the United States and European Union. All data is encrypted in transit and at rest.
5. Data Retention
We retain your data for the following periods:
- Account Information: Retained until you delete your account or request deletion
- Subscription Data: Retained for 7 years after subscription ends for legal/tax purposes
- Usage Logs: Anonymized and retained for up to 90 days
- AI Processing Data: Not retained - deleted immediately after processing each request
- Local Data: Retained until you clear browser data or uninstall the extension
When you delete your account, we will delete your personal information within 30 days, except where we are required to retain it for legal purposes.
6. Data Sharing and Disclosure
6.1 Third-Party Service Providers
We share data with the following service providers who help us operate our Services:
- Firebase (Google): Authentication and database services - Privacy Policy
- Stripe: Payment processing - Privacy Policy
- DeepSeek: AI processing for form auto-fill (only your company description is sent, no personal data) - Privacy Policy
- Railway: Backend hosting - Privacy Policy
- Vercel: Website hosting - Privacy Policy
6.2 We Do NOT Share Data With
- Advertisers or ad networks
- Data brokers
- Social media platforms
- Any third parties for marketing purposes
6.3 Legal Requirements
We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.
7. Data Security
We implement industry-standard security measures to protect your data:
- Encryption in Transit: All data transmitted between your browser and our servers uses TLS 1.3 encryption (HTTPS)
- Encryption at Rest: Data stored on our servers is encrypted using AES-256 encryption
- Access Controls: Strict access controls limit who can access user data
- Authentication: Firebase Authentication with secure token-based authentication
- Payment Security: PCI-DSS compliant payment processing through Stripe
- Regular Audits: We regularly review our security practices
While we strive to protect your data, no method of transmission or storage is 100% secure. If you become aware of any security issues, please contact us immediately.
8. Your Rights and Choices
8.1 Your Rights
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data we hold
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your personal data ("right to be forgotten")
- Portability: Request your data in a portable format
- Objection: Object to certain processing of your data
- Restriction: Request restriction of processing
- Withdraw Consent: Withdraw consent at any time where processing is based on consent
8.2 How to Exercise Your Rights
To exercise any of these rights:
- Email us at privacy@auto-directory-submission.com
- Delete your local data by uninstalling the extension
- Delete your account through the dashboard settings
We will respond to your request within 30 days.
8.3 For EU/EEA Residents (GDPR)
If you are in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your data includes:
- Contract: Processing necessary to provide our Services
- Legitimate Interest: Processing for fraud prevention and service improvement
- Consent: Where you have given explicit consent
8.4 For California Residents (CCPA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), including the right to know what data we collect and the right to opt-out of the sale of personal information. We do not sell your personal information.
9. Cookies and Tracking
Our website uses essential cookies for authentication and functionality. We do not use advertising or tracking cookies.
- Authentication Cookies: To keep you logged in
- Preference Cookies: To remember your settings
The Chrome extension does not use cookies - it uses Chrome's storage API instead.
10. Children's Privacy
Our Services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@auto-directory-submission.com.
11. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence, including the United States. We ensure appropriate safeguards are in place for such transfers, including:
- Standard Contractual Clauses approved by the European Commission
- Using service providers that are certified under the EU-US Data Privacy Framework
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the new Privacy Policy on this page
- Updating the "Last updated" date at the top
- Sending you an email notification for significant changes
We encourage you to review this Privacy Policy periodically for any changes.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Auto Directory Submission
Operated by: Maxime Marsal
Email: privacy@auto-directory-submission.com
General Contact: contact@auto-directory-submission.com
Summary
- Your company profiles and images are stored locally on your device
- We only store minimal account data (email, subscription status) on our servers
- AI requests are processed and immediately deleted - not stored
- We never sell your data
- You can delete your data at any time
- We use industry-standard encryption and security