PromptFlow Privacy Policy

Privacy Policy for PromptFlow - AI Writing Assistant for Any Website

Last Updated: June 24, 2026


Table of Contents

  1. Introduction
  2. Definitions
  3. Data Controller and Contact Information
  4. Scope of This Privacy Policy
  5. Information We Collect
  6. How We Collect Your Information
  7. How We Use Your Information
  8. Legal Basis for Processing (GDPR and International)
  9. Data Sharing and Disclosure
  10. Third-Party LLM Providers
  11. Data Storage and Security
  12. Data Retention and Deletion
  13. International Data Transfers
  14. Your Rights and Choices
  15. California Privacy Rights (CCPA/CPRA)
  16. Children's Privacy
  17. Changes to This Privacy Policy
  18. Limited Use Disclosure
  19. Contact Information

1. Introduction

PromptFlow is a browser extension (hereafter referred to as "the Extension," "PromptFlow," "our Extension," or "the Product") developed and operated by OUTGRAVE ("we," "us," "our," or "the Company"). PromptFlow provides AI-powered writing assistance that works across any website, allowing users to improve, summarize, rewrite, and transform text using the large language model (LLM) provider of their choice.

This Privacy Policy explains in detail how the PromptFlow Extension collects, uses, stores, processes, shares, and protects your information when you install and use the Extension. It also explains your rights regarding your personal data and how you can exercise those rights.

By installing and using the PromptFlow Extension, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with any part of this policy, you should uninstall the Extension immediately.


2. Definitions

For the purposes of this Privacy Policy, the following terms have the meanings ascribed to them below:

  • "Extension" or "PromptFlow" — The PromptFlow - AI Writing Assistant for Any Website browser extension for Google Chrome.
  • "OUTGRAVE," "we," "us," "our" — The company that develops, owns, and operates the PromptFlow Extension.
  • "You," "your," "user," "data subject" — Any individual who installs, accesses, or uses the PromptFlow Extension.
  • "LLM Provider" — A third-party large language model service provider (such as OpenAI, Anthropic, Google, Groq, OpenRouter, or a custom endpoint) that processes text submitted through the Extension.
  • "Chrome Storage" or "chrome.storage.local" — The browser-provided local storage mechanism used by Chrome Extensions to store data locally on the user's device.
  • "Content Script" — A script injected by the Extension into web pages that the user visits on configured domains.
  • "Service Worker" (also "Background Script") — The Extension's background process that handles subscription verification, OAuth flows, and other background tasks.
  • "OAuth" — Open Authorization protocol used for secure authentication with OUTGRAVE servers.
  • "Personal Data" or "Personal Information" — Any information relating to an identified or identifiable natural person.
  • "Processing" — Any operation performed on personal data, including collection, storage, use, transmission, or deletion.
  • "API Key" — An authentication credential provided by an LLM Provider that allows the Extension to access that provider's services on your behalf.
  • "Configuration Data" — Settings, preferences, and customizations stored locally by the Extension, including domain whitelists, action prompts, and LLM settings.
  • "Third Party" — Any natural or legal person, public authority, agency, or body other than you, us, or the data processor.
  • "Data Controller" — OUTGRAVE, which determines the purposes and means of processing personal data in connection with the Extension.

3. Data Controller and Contact Information

Data Controller:

OUTGRAVE
Email: privacy@outgrave.com
Website: https://outgrave.com

Data Protection Officer:

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Data Protection Officer at:

Email: dpo@outgrave.com
Mailing Address: OUTGRAVE, Attn: Data Protection Officer

We will respond to all legitimate requests within the timeframes required by applicable law (generally within 30 days, with a possible extension of up to 60 additional days for complex or voluminous requests).


4. Scope of This Privacy Policy

4.1 What This Policy Covers

This Privacy Policy applies exclusively to the PromptFlow browser extension for Google Chrome. It covers all data handling practices related to the Extension's installation, configuration, operation, and uninstallation.

4.2 What This Policy Does Not Cover

This Privacy Policy does not cover:

  • The privacy practices of third-party LLM providers (OpenAI, Anthropic, Google, Groq, OpenRouter, or any custom endpoint you configure). You should review the privacy policies of those providers separately.
  • The privacy practices of websites where you use the Extension. The Extension operates within other websites, but those websites' own privacy policies govern their data collection practices.
  • The privacy practices of the OUTGRAVE website (outgrave.com) when accessed directly outside of the Extension's functionality.
  • Any third-party services, applications, or websites that may be linked from the Extension or the OUTGRAVE website.

4.3 Acceptance of Terms

BY INSTALLING AND USING THE PROMPTFLOW EXTENSION, YOU EXPLICITLY ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO ALL TERMS AND CONDITIONS OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH ANY PART OF THIS POLICY, YOU MUST UNINSTALL THE EXTENSION IMMEDIATELY.

Your continued use of the Extension constitutes your ongoing acceptance of this Privacy Policy and any future amendments. We reserve the right to modify this policy at any time, and such modifications become effective immediately upon posting.


5. Information We Collect

The PromptFlow Extension is designed with a privacy-first architecture. We collect only the minimum information necessary to provide the Extension's functionality. Below is a comprehensive description of all data types that the Extension handles.

5.1 Text Content You Choose to Process

What we collect: The Extension reads text from text input fields, textareas, and content-editable elements on websites that you have explicitly configured in the Extension's domain whitelist.

How it works: When you are focused on a supported input field on a whitelisted domain and there is text present, the Extension displays a toolbar with action buttons (Improve, Summarize, etc., plus any custom actions you create). When you click an action button, the Extension reads the text from that input field.

Important Notes:

  • The Extension only reads text from domains you have explicitly whitelisted in the Extension settings.
  • The Extension only reads text when you interact with an input field (focus, type, or click an action button).
  • The Extension does not passively read, log, monitor, or transmit text without your explicit action.
  • The Extension does not read text from password fields, hidden fields, or file input fields.
  • The Extension does not perform keystroke logging or record your typing history.
  • The text you process is not stored by the Extension or by OUTGRAVE servers.

5.2 LLM Configuration (API Keys, Model Selection, Endpoint)

What we collect: When you configure the Extension to use an LLM provider, you provide:

  • Provider selection (OpenAI, Anthropic, Google Gemini, Groq, OpenRouter, or Custom)
  • Model name (e.g., gpt-4o, claude-3-5-sonnet, gemini-1.5-pro)
  • API Key (an authentication credential for the chosen provider)
  • Maximum tokens (response length preference)
  • Custom endpoint URL (if using a custom OpenAI-compatible provider)

Where it is stored: All LLM configuration is stored exclusively in your browser's chrome.storage.local — a secure, isolated storage area that only the Extension can access.

What we do NOT do:

  • We do not transmit your API keys to OUTGRAVE servers.
  • We do not store your API keys on any server.
  • We do not have access to your API keys.
  • We do not log, cache, or retain your API keys outside of your local browser storage.

5.3 Domain Whitelist

What we collect: A list of website domains where you want the Extension to be active (e.g., chatgpt.com, gemini.google.com, plus any custom domains you add).

Where it is stored: Stored locally in chrome.storage.local under the key pf_config.

How it is used: The Extension checks this list to determine whether to activate its toolbar on a given website. The Extension does not operate on websites that are not in this list.

5.4 Custom Prompt Actions

What we collect: Custom action definitions that you create, including an action label and a prompt template. The prompt template may contain the {{text}} placeholder that is replaced with your selected text when the action is used.

Where it is stored: Stored locally in chrome.storage.local under the key pf_config.

5.5 OAuth Tokens (for Subscription Authentication)

What we collect: If you choose to sign in to an OUTGRAVE account (optional), the Extension collects and stores:

  • Access token — A temporary credential used to authenticate with OUTGRAVE's subscription verification API.
  • Refresh token — A longer-lived credential used to obtain new access tokens when the current one expires.

Where it is stored: These tokens are stored locally in chrome.storage.local under the key pf_tier. They are also stored on OUTGRAVE's servers as part of your account authentication system.

Why we collect this: These tokens are necessary to verify your subscription status and determine which plan features and limits apply to your account.

5.6 Subscription Information

What we collect: When you purchase a subscription, the Extension may store:

  • Subscription ID — A unique identifier for your subscription, received from the OUTGRAVE subscription page after a successful purchase.
  • Subscription status — Whether your subscription is active, pending, cancelled, or expired.
  • Plan ID — Which plan you are on (free, monthly, yearly, or lifetime).
  • Plan name — The human-readable name of your plan.
  • Group ID and title — The product group your subscription belongs to.
  • Duration and billing information — Subscription start date, next billing date, days remaining.

Where it is stored: A cached copy is stored locally in chrome.storage.local under the key pf_sub. The authoritative record is stored on OUTGRAVE's servers.

5.7 Daily Usage Counter

What we collect: A local counter that tracks how many text processing actions you have performed on a given calendar day. This counter consists of:

  • Date (YYYY-MM-DD format)
  • Count (number of actions performed that day)

Where it is stored: Locally in chrome.storage.local under the key pf_msg_count.

Why we collect this: To enforce daily message limits based on your subscription plan. This counter resets automatically each day and is not transmitted to OUTGRAVE servers.

5.8 OAuth Flow State Data (Temporary)

What we collect: During the OAuth sign-in flow, the Extension temporarily stores:

  • OAuth state nonce — A random value used to prevent cross-site request forgery (CSRF) during OAuth. This is deleted immediately after the OAuth flow completes.
  • OAuth monitor tab ID — The ID of the browser tab being monitored for the OAuth redirect. This is deleted immediately after the OAuth flow completes.

Where it is stored: Temporarily in chrome.storage.local.

5.9 Agreement Status

What we collect: A boolean flag indicating whether you have accepted the terms of use and privacy policy.

Where it is stored: Locally in chrome.storage.local.

5.10 Information We Do NOT Collect

PromptFlow is designed to collect the absolute minimum data necessary. We explicitly do not collect:

  • Browsing history or web activity logs
  • Keystroke data, mouse movements, or form interactions outside of the specific text you choose to process
  • Cookies from any website
  • Personal identification information (name, email address, phone number, physical address) — except through the optional OAuth sign-in process which collects only an email address for account purposes
  • Payment information — All payments are processed through third-party payment processors (Stripe, PayPal, etc.) and we do not collect or store full credit card numbers or bank account details
  • Location data (precise or approximate)
  • Device identifiers beyond what the browser provides
  • IP address (except as necessary for HTTP request routing to OUTGRAVE servers)
  • Passwords or credentials for any website
  • Screenshots or screen recordings of your browsing activity
  • Audio, video, or image content from web pages
  • Social media data or contacts
  • Health information or sensitive personal data

6. How We Collect Your Information

6.1 Direct User Configuration

The majority of information handled by the Extension is provided directly by you through the Extension's popup interface. This includes:

  • When you add domains to your whitelist
  • When you configure your LLM provider, model, and API key
  • When you create custom prompt actions
  • When you configure per-domain toolbar positions
  • When you sign in to an OUTGRAVE account
  • When you agree to the terms of use

6.2 User Interaction with the Extension

When you use the Extension to process text, the following occurs automatically at the moment you click an action button:

  1. The Extension reads the text from the currently focused input field on a whitelisted domain.
  2. The text is combined with your chosen action's prompt template.
  3. The combined prompt is sent directly from your browser to your configured LLM provider's API endpoint.

6.3 OAuth Authentication

If you choose to sign in, the OAuth flow involves:

  1. The Extension opens the OUTGRAVE login page in a new browser tab.
  2. You authenticate with OUTGRAVE (typically via email/password or a social login provider).
  3. An authorization code is returned to the Extension's callback page.
  4. The Extension exchanges this code for access and refresh tokens by communicating with OUTGRAVE's API server.
  5. The tokens are stored locally.

6.4 Subscription Verification

After completing a purchase on the OUTGRAVE subscription page:

  1. The subscription ID is received from the subscription page via a secure postMessage.
  2. The Extension's background service worker sends this ID to OUTGRAVE's subscription verification API.
  3. The server returns the subscription status, which is cached locally.

7. How We Use Your Information

7.1 Core Extension Functionality

Text Processing: The primary purpose of the Extension is to process text that you select. When you click an action button:

  1. The Extension reads the text from the input field.
  2. It replaces the {{text}} placeholder in your chosen action's prompt template with the actual text.
  3. It sends the completed prompt to your configured LLM provider.
  4. The LLM provider processes the text and returns a response.
  5. The Extension inserts the response back into the input field.

Purpose: To provide AI-powered writing assistance exactly where and when you need it.

Lawful basis: Your explicit consent (you take a deliberate action — clicking a button — to initiate text processing).

7.2 Extension Configuration and Personalization

We use your configuration data (domain whitelist, custom actions, LLM settings, toolbar positions) to:

  • Determine which websites the Extension should be active on
  • Display your custom action buttons in the toolbar
  • Connect to your preferred LLM provider using your chosen model and settings
  • Position the toolbar where you prefer it relative to input fields

Purpose: To provide a personalized experience that works the way you want it to.

Lawful basis: Contractual necessity (this configuration is essential for the Extension to function according to your preferences).

7.3 Subscription Management

We use your OAuth tokens and subscription information to:

  • Authenticate your account with OUTGRAVE servers
  • Verify your subscription status
  • Apply the correct plan limits (domains, custom actions, daily messages)
  • Determine which features and positions are available to you

Purpose: To manage your account and provide the features associated with your plan.

Lawful basis: Contractual necessity (subscription verification is necessary to provide the paid features you have purchased).

7.4 Daily Usage Tracking

We use the local daily message counter to:

  • Track how many text processing actions you have performed today
  • Enforce daily message limits associated with your plan
  • Display your usage in the Extension's popup

Purpose: To ensure fair usage according to your plan's terms.

Lawful basis: Contractual necessity.

7.5 Security and Abuse Prevention

We use authentication data to:

  • Verify your identity when you sign in
  • Protect your account from unauthorized access
  • Detect and prevent fraudulent or abusive use of the Extension
  • Maintain the security and integrity of the Extension and its associated services

Purpose: To protect you, other users, and the Extension from security threats.

Lawful basis: Legitimate interest.

7.6 Service Improvement and Analytics

We may use aggregated, anonymized data to:

  • Understand how the Extension is used
  • Identify performance issues or bugs
  • Improve the Extension's functionality and user experience
  • Develop new features

Important: Any data used for these purposes is stripped of all personally identifiable information and aggregated so that individual users cannot be identified.

Lawful basis: Legitimate interest.

7.7 Legal Compliance

We may process your information to:

  • Comply with applicable laws, regulations, and legal requirements
  • Respond to valid legal requests from law enforcement or regulatory authorities
  • Establish, exercise, or defend legal claims
  • Enforce our Terms of Service and this Privacy Policy

Lawful basis: Legal obligation.

7.8 What We Do NOT Do With Your Information

We do NOT:

  • Sell your personal data to any third party
  • Use your data for advertising or marketing personalization
  • Build a profile of you for commercial purposes
  • Share your text content with anyone other than the LLM provider you explicitly chose
  • Analyze, mine, or derive insights from your text content
  • Use your API keys for any purpose other than connecting to your chosen LLM provider
  • Track your browsing activity across websites
  • Share your data with data brokers or advertising networks

8. Legal Basis for Processing (GDPR and International)

If you are located in the European Economic Area (EEA), the United Kingdom, Switzerland, or other jurisdictions with comprehensive data protection laws, we process your personal data based on the following legal grounds:

8.1 Consent (Article 6(1)(a) GDPR)

We rely on your consent when:

  • You agree to the terms of use upon first launching the Extension
  • You click an action button to process text through an LLM provider
  • You choose to sign in to an OUTGRAVE account
  • You configure the Extension with your preferences

Right to withdraw: You may withdraw your consent at any time by uninstalling the Extension or by clearing your Extension data. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

8.2 Contractual Necessity (Article 6(1)(b) GDPR)

We process your data as necessary to:

  • Provide the Extension's core functionality (text processing)
  • Manage your subscription and account
  • Apply the correct plan limits
  • Deliver the features you have requested

8.3 Legal Obligation (Article 6(1)(c) GDPR)

We process your data as necessary to comply with:

  • Applicable data protection laws
  • Tax and accounting obligations related to subscription transactions
  • Legal requests from authorized authorities

8.4 Legitimate Interests (Article 6(1)(f) GDPR)

We process your data based on our legitimate interests to:

  • Ensure the security and integrity of the Extension
  • Prevent fraud and abuse
  • Improve and develop the Extension
  • Establish, exercise, or defend legal claims

We have conducted a Legitimate Interest Assessment (LIA) and determined that our legitimate interests do not override your fundamental rights and freedoms.


9. Data Sharing and Disclosure

9.1 LLM Providers (User-Selected)

When you use the Extension to process text, the text content you selected is transmitted to the LLM provider you have configured. This is an intentional and explicit action that you initiate by clicking an action button.

LLM Providers supported:

  • OpenAI — Endpoint: https://api.openai.com/v1/chat/completions
  • Anthropic (Claude) — Endpoint: https://api.anthropic.com/v1/messages
  • Google (Gemini) — Endpoint: https://generativelanguage.googleapis.com/v1beta/models/{model}:generateContent
  • Groq — Endpoint: https://api.groq.com/openai/v1/chat/completions
  • OpenRouter — Endpoint: https://openrouter.ai/api/v1/chat/completions
  • Custom — Any OpenAI-compatible endpoint you specify

What is shared with LLM Providers:

  • The text prompt (your selected text combined with the action's prompt template)
  • Your API key (as a Bearer token in the Authorization header, or API key parameter, as required by the provider)
  • Request metadata (model name, max tokens parameter)

What is NOT shared with LLM Providers:

  • Any personal identification information about you
  • Your browsing history or current page URL
  • Other Extension configuration data
  • Your OUTGRAVE account tokens

Important: Each LLM provider has its own privacy policy governing how it handles the data you send. We encourage you to review those policies:

  • OpenAI Privacy Policy: https://openai.com/policies/privacy-policy
  • Anthropic Privacy Policy: https://www.anthropic.com/privacy
  • Google Privacy Policy: https://policies.google.com/privacy
  • Groq Privacy Policy: https://groq.com/privacy-policy
  • OpenRouter Privacy Policy: https://openrouter.ai/privacy

9.2 OUTGRAVE Servers

We share the following data with OUTGRAVE's servers (api.outgrave.com and outgrave.com):

  • OAuth authorization codes (during authentication)
  • Access and refresh tokens (during subscription verification)
  • Subscription IDs (during subscription verification)
  • Login credentials (if you sign in via email/password on the OUTGRAVE login page)

All communications with OUTGRAVE servers are encrypted using TLS 1.2 or higher.

9.3 Service Providers

We may engage trusted third-party service providers to perform functions on our behalf, including:

  • Cloud hosting — OUTGRAVE's API servers are hosted by reputable cloud infrastructure providers
  • Payment processing — Subscription payments are processed by third-party payment processors (we do not collect or store full payment credentials in the Extension)
  • Email services — For account-related communications (if applicable)

All service providers are contractually obligated to protect your data and use it only for the specific purposes we authorize.

9.4 Legal Compliance and Enforcement

We may disclose your information:

  • If required by applicable law, regulation, or legal process
  • If required by a valid subpoena, court order, or government request
  • To protect our rights, property, or safety, or the rights, property, or safety of others
  • To enforce our Terms of Service or this Privacy Policy
  • To detect, prevent, or investigate fraud, abuse, or illegal activities

9.5 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will use reasonable efforts to notify you of any such change in ownership or control of your personal data.

9.6 Aggregated and Anonymized Data

We may share aggregated or anonymized data that cannot be used to identify any individual with third parties for any lawful purpose, including research, analysis, and reporting.

9.7 With Your Consent

We may share your information for any other purpose with your explicit consent.

9.8 No Sale of Personal Data

We do not sell your personal data to any third party. This includes any transfer of personal data for monetary consideration or other valuable consideration. We do not share your data with data brokers, advertising networks, or other information resellers.


10. Third-Party LLM Providers

10.1 How Text Is Sent to LLM Providers

When you click an action button in the Extension toolbar, the following sequence occurs:

  1. The Extension reads the text from the currently focused input field.
  2. The Extension substitutes the text into your chosen action's prompt template.
  3. The completed prompt is sent directly from your browser to the LLM provider's API endpoint.
  4. The LLM provider processes the prompt and returns a generated response.
  5. The Extension inserts the response back into the input field.

10.2 Data Flow Diagram

Your Text Input
      |
      v
[PromptFlow Extension] (your browser)
      |
      v
[LLM Provider API] (OpenAI / Anthropic / Google / Groq / OpenRouter / Custom)
      |
      v
Response returned
      |
      v
Your Text Input (updated with response)

10.3 Your Responsibility

You are responsible for:

  • Choosing which LLM provider to use
  • Ensuring you have the right to use that provider's API (including any applicable API key and payment arrangements)
  • Understanding that provider's privacy policy and terms of service
  • Complying with any applicable laws regarding the data you send to LLM providers

10.4 Provider Data Handling

Each LLM provider has its own policies regarding:

  • How long they retain prompts and responses
  • Whether they use submitted data for training purposes
  • How they secure data in transit and at rest
  • Whether they share data with third parties

We have no control over and assume no responsibility for the data handling practices of third-party LLM providers. You should review each provider's privacy policy before using the Extension with that provider.


11. Data Storage and Security

11.1 Local Storage (Chrome Storage Local)

The Extension uses Chrome's built-in chrome.storage.local API to store configuration data, tokens, and usage counters. This storage has the following characteristics:

  • Isolated: Each extension has its own private storage area that cannot be accessed by other extensions or websites.
  • Encrypted at rest: Chrome encrypts local storage data on disk.
  • Sandboxed: The Extension's storage is protected by Chrome's security sandbox.
  • User-accessible: You can view and clear the Extension's storage through Chrome's extension management page (chrome://extensions).

Data stored locally includes:

  • LLM configuration (provider, model, API key, endpoint, max tokens)
  • Domain whitelist
  • Custom prompt actions
  • OAuth tokens (access and refresh tokens)
  • Subscription cache
  • Daily usage counter
  • Agreement status
  • OAuth session state (temporary)

11.2 Data in Transit

All data transmitted over the network is protected using modern encryption:

  • OUTGRAVE API communications: TLS 1.2 or higher (HTTPS)
  • LLM Provider API communications: HTTPS (enforced by all supported providers)
  • Subscription verification response: AES-256-CBC encrypted protobuf payload

11.3 Server-Side Storage (OUTGRAVE)

The following data may be stored on OUTGRAVE's servers:

  • OAuth credentials (access tokens, refresh tokens) — for authentication purposes
  • Subscription records (subscription ID, plan, status, billing information) — for subscription management
  • Account information (email address, if you create an account) — for account management

Server-side storage is protected by:

  • Encryption at rest (AES-256)
  • Encryption in transit (TLS 1.2+)
  • Access controls and authentication
  • Regular security audits
  • Firewalls and intrusion detection systems

11.4 Security Measures Implemented by the Extension

The Extension implements the following security measures:

  • Content script context validation: The Extension verifies that the extension context is valid before performing any storage operations, preventing errors from compromised or outdated contexts.
  • CSRF protection: The OAuth flow uses a random state nonce to prevent cross-site request forgery attacks.
  • Origin validation: The subscription bridge content script validates that postMessage events originate from the expected OUTGRAVE origin.
  • Secure credential handling: API keys and OAuth tokens are stored only in Chrome's secure local storage and are never transmitted to OUTGRAVE servers.
  • Encrypted server responses: Subscription verification responses from OUTGRAVE servers are encrypted using AES-256-CBC.

11.5 No Guarantee of Absolute Security

While we implement industry-standard security measures, no method of electronic storage or transmission over the internet is 100% secure. We cannot guarantee the absolute security of your data. You use the Extension at your own risk.


12. Data Retention and Deletion

12.1 Local Data Retention Periods

Data Type | Retention Period | Reason
LLM Configuration (API keys, model, endpoint) | Until you modify or delete it, or until you uninstall the Extension | Required for the Extension to function
Domain Whitelist | Until you modify or delete it, or until you uninstall the Extension | Required for the Extension to function
Custom Prompt Actions | Until you modify or delete it, or until you uninstall the Extension | Required for the Extension to function
OAuth Tokens | Until you sign out, or until tokens expire, or until you uninstall the Extension | Required for subscription verification
Subscription Cache | Until next successful verification, or until you uninstall the Extension | Required for offline access to plan limits
Daily Usage Counter | Resets daily automatically; retained until you uninstall the Extension | Required for plan limit enforcement
OAuth State Nonce | Deleted immediately after OAuth flow completes | Session-only, single-use
OAuth Monitor Tab ID | Deleted immediately after OAuth flow completes | Session-only

12.2 Server-Side Data Retention

Data Type | Retention Period | Reason
OAuth Tokens | Until account deletion or token revocation | Required for authentication
Subscription Records | Duration of subscription + 36 months after cancellation | Legal, tax, and business requirements
Account Information (email) | Until account deletion | Required for account management

12.3 How to Delete Your Data

Option 1: Uninstall the Extension

All locally stored Extension data is automatically deleted when you uninstall the Extension from Chrome. To uninstall:

  1. Right-click the Extension icon in the Chrome toolbar
  2. Select "Remove from Chrome"
  3. Confirm the removal

Option 2: Clear Extension Data

You can clear all Extension data while keeping the Extension installed:

  1. Go to chrome://extensions in Chrome
  2. Find PromptFlow
  3. Click "Details"
  4. Scroll down and click "Clear storage" under "Extension settings"

Option 3: Individual Data Management

You can modify or delete specific data through the Extension's popup interface:

  • Remove domains from your whitelist
  • Delete custom prompt actions
  • Change or clear your LLM configuration
  • Sign out of your OUTGRAVE account

Option 4: Account Deletion

To request deletion of your OUTGRAVE account and associated server-side data, contact us at privacy@outgrave.com. Upon receiving a verified deletion request, we will:

  1. Deactivate your account within 5 business days
  2. Begin the deletion process within 30 days
  3. Complete deletion of your personal data within 90 days, subject to legal and operational retention requirements

12.4 Data Deletion After Uninstallation

When you uninstall the Extension:

  • All data stored in chrome.storage.local is automatically deleted by Chrome.
  • OUTGRAVE retains server-side records (OAuth tokens, subscription data) as described in Section 12.2. You must separately request account deletion for server-side data removal.
  • LLM providers may retain prompts and responses according to their own data retention policies.

13. International Data Transfers

13.1 Data Transfer Locations

Your data may be transferred to, stored, and processed in countries where:

  • OUTGRAVE's servers are located
  • Your chosen LLM provider's servers are located
  • Third-party service providers (cloud hosting, payment processing) operate

These countries may include:

  • United States
  • European Union member states
  • United Kingdom
  • Canada
  • Australia
  • India
  • Singapore
  • Japan

13.2 Transfer Safeguards

When we transfer personal data from the European Economic Area (EEA), United Kingdom, Switzerland, or other jurisdictions with comprehensive data protection laws to countries that have not been deemed to provide adequate data protection, we implement appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs): We use the European Commission's Standard Contractual Clauses (2021 version) and the UK International Data Transfer Agreement (IDTA) where applicable.
  • Adequacy Decisions: We may transfer data to countries that have been deemed adequate by the European Commission or UK Government.

13.3 LLM Provider Transfers

When you use the Extension with an LLM provider, your text data is transferred directly from your browser to that provider's servers. These transfers are initiated by you and are subject to the LLM provider's own data transfer and processing terms. You are responsible for ensuring that your use of each LLM provider complies with applicable data protection laws.

13.4 Your Consent to International Transfers

By using the Extension, you acknowledge and agree that your data may be transferred to and processed in countries outside your country of residence, including countries that may have different or less protective data protection laws than your country of residence.


14. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data. We will respond to all legitimate requests within the timeframes required by applicable law.

14.1 Right to Access

You have the right to request confirmation of whether we process your personal data and, if so, to access that data along with information about:

  • The categories of data we process
  • The purposes of processing
  • The categories of recipients with whom we share data
  • The retention period or criteria used to determine retention
  • The source of the data (if not collected directly from you)

14.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

14.3 Right to Deletion ("Right to Be Forgotten")

You have the right to request deletion of your personal data where:

  • The data is no longer necessary for the purposes for which it was collected
  • You withdraw your consent and there is no other legal basis for processing
  • You object to processing based on legitimate interests and there are no overriding legitimate grounds
  • The data has been unlawfully processed
  • Deletion is required by applicable law

14.4 Right to Restrict Processing

You have the right to restrict processing of your personal data where:

  • You contest the accuracy of the data (for a period enabling us to verify accuracy)
  • The processing is unlawful and you oppose deletion
  • We no longer need the data but you require it for legal claims
  • You have objected to processing pending verification of our legitimate grounds

14.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller where:

  • The processing is based on consent or contract
  • The processing is carried out by automated means

14.6 Right to Object

You have the right to object to processing of your personal data based on legitimate interests, including profiling. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

14.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

14.8 Right to Lodge a Complaint

If you believe that our processing of your personal data violates applicable data protection laws, you have the right to lodge a complaint with your local data protection authority.

  • EEA: https://edpb.europa.eu/about-edpb/about-edpb/members_en
  • UK: https://ico.org.uk/
  • Switzerland: https://www.edoeb.admin.ch/

14.9 How to Exercise Your Rights

To exercise any of the rights described above, please contact us at:

Email: privacy@outgrave.com
Subject: Data Subject Request - PromptFlow

We will respond to your request within 30 days (with a possible extension of up to 60 additional days for complex or voluminous requests). We may request proof of identity before processing your request.

14.10 In-Extension Controls

You can exercise many of your rights directly through the Extension:

  • Access and modify your configuration through the Extension popup
  • Delete specific data (domains, actions, LLM settings) through the popup
  • Sign out of your account through the Account tab
  • Clear all data by uninstalling the Extension

15. California Privacy Rights (CCPA/CPRA)

If you are a resident of California, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information.

15.1 Categories of Personal Information Collected

In the preceding 12 months, we may have collected the following categories of personal information from California residents:

| Category | Collected | Examples | Source | Business Purpose |
|---|---|---|---|---|
| Identifiers | Yes | Email address (via OAuth), IP address | User, Browser | Account management, security |
| Customer Records | Yes | Subscription records, account info | User, OUTGRAVE servers | Subscription management |
| Commercial Information | Yes | Subscription plan, purchase history | User, OUTGRAVE servers | Subscription management |
| Internet/Electronic Activity | No | We do not collect browsing history | N/A | N/A |
| Geolocation Data | No | We do not collect precise location | N/A | N/A |
| Professional/Employment | No | N/A | N/A | N/A |
| Inferences | No | N/A | N/A | N/A |
| Sensitive Personal Information | No | We do not collect sensitive personal information | N/A | N/A |

15.2 No Sale of Personal Information

We do not sell your personal information. In the preceding 12 months, we have not sold any personal information of California residents.

15.3 No Sharing for Cross-Context Behavioral Advertising

We do not share your personal information for cross-context behavioral advertising. We do not engage in any advertising practices that would constitute "sharing" under the CCPA/CPRA.

15.4 Your California Rights

Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.

Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.

Right to Correct: You have the right to request correction of inaccurate personal information.

Right to Opt Out: You have the right to opt out of the sale or sharing of your personal information. As we do not sell or share personal information, this right is not applicable.

Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

15.5 How to Exercise Your California Rights

To exercise your California privacy rights, please contact us at privacy@outgrave.com or use the contact information in Section 19. We will verify your identity before processing your request. You may designate an authorized agent to make a request on your behalf.

15.6 California "Shine the Light" Law

California Civil Code Section 1798.83 permits California residents to request information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.


16. Children's Privacy

The PromptFlow Extension is not intended for use by children under the age of 13 (or under the age of 16 in the European Economic Area). We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at privacy@outgrave.com, and we will take steps to delete that information.

If we become aware that we have collected personal information from a child without verification of parental consent, we will delete that information as soon as reasonably possible.


17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

  • The Extension's features and functionality
  • Legal or regulatory requirements
  • Our data handling practices
  • Industry standards and best practices

When we make changes, we will update the "Last Updated" date at the top of this policy. If we make material changes that affect your rights or our data handling practices, we will provide prominent notice within the Extension (such as a notification in the Extension popup) and may require you to review and re-accept the updated policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

Continued use of the Extension after any changes to this Privacy Policy constitutes your acceptance of the updated policy. If you do not agree with any changes, you should stop using the Extension and uninstall it.


18. Limited Use Disclosure

The PromptFlow Extension uses certain Google APIs (including Google Gemini API and Google OAuth sign-in) and may receive information from Google APIs. Our use and transfer of information received from Google APIs to any other app will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

Specifically:

  1. Limited to providing or improving user-facing features — Data received from Google APIs is used solely to provide the Extension's core functionality (text processing via Gemini, and optional Google OAuth sign-in).
  2. No transfer to advertising platforms — We do not transfer Google API data to advertising platforms, data brokers, or any other information resellers.
  3. No building of user profiles — We do not use Google API data to build user profiles for any purpose.
  4. No sensitive categories — We do not use Google API data to determine creditworthiness, for lending purposes, for employment eligibility, for insurance purposes, or for any other sensitive category.
  5. User-controlled sharing — Any sharing of data received from Google APIs is done only with your explicit consent and for the specific purpose you authorize.
  6. Compliance with Google API Terms — Our use of Google APIs complies with the Google API Terms of Service and the Google API Services User Data Policy.

19. Contact Information

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our data handling practices, please contact us:

Email: privacy@outgrave.com

Mailing Address:
OUTGRAVE
Attn: Privacy Policy - PromptFlow

Data Protection Officer:
Email: dpo@outgrave.com

Response Time: We will respond to all legitimate inquiries within 30 days. For complex requests, we may require up to 90 days and will notify you of any such extension.


Appendix A: Summary of Data Flows

| Data | Collected | Stored | Shared With | Retention |
|---|---|---|---|---|
| Text from input fields | Yes, only when you click an action button | Not stored | Your chosen LLM provider | Not retained by Extension |
| LLM API Key | Yes | Chrome local storage | Your chosen LLM provider (in API request) | Until you delete or uninstall |
| LLM Model/Provider choice | Yes | Chrome local storage | None | Until you modify or uninstall |
| Domain whitelist | Yes | Chrome local storage | None | Until you modify or uninstall |
| Custom prompt actions | Yes | Chrome local storage | None | Until you modify or uninstall |
| OAuth access token | Yes | Chrome local storage + OUTGRAVE servers | OUTGRAVE servers (in API requests) | Until sign-out or uninstall |
| OAuth refresh token | Yes | Chrome local storage + OUTGRAVE servers | OUTGRAVE servers (in API requests) | Until sign-out or uninstall |
| Subscription ID | Yes | Chrome local storage + OUTGRAVE servers | OUTGRAVE servers (in API requests) | Until account deletion |
| Subscription status | Yes | Chrome local storage + OUTGRAVE servers | None | Until next verification |
| Daily message count | Yes | Chrome local storage | None | Resets daily |
| Browsing history | No | N/A | N/A | N/A |
| Cookies | No | N/A | N/A | N/A |
| Personal identity info | No (except email via optional OAuth) | N/A | N/A | N/A |

Appendix B: Permissions Requested by the Extension

The PromptFlow Extension requests the following Chrome permissions, each justified below:

Permission: storage

Purpose: Required to store all Extension configuration data locally, including domain whitelist, custom actions, LLM settings, API keys, OAuth tokens, subscription cache, and daily usage counter. Without this permission, the Extension cannot remember your preferences or authenticate your account.

Permission: tabs

Purpose: Required to open the subscription purchase page in a new tab, to monitor the OAuth authentication flow tab, to check if a subscription page tab is already open (to avoid duplicates), to query the active tab URL for the status indicator, and to close authentication tabs when the flow completes.

Host Permission: https://api.openai.com/*

Purpose: Required to send text to OpenAI's API when you configure the Extension to use OpenAI as your LLM provider.

Host Permission: https://api.anthropic.com/*

Purpose: Required to send text to Anthropic's API when you configure the Extension to use Anthropic (Claude) as your LLM provider.

Host Permission: https://generativelanguage.googleapis.com/*

Purpose: Required to send text to Google Gemini's API when you configure the Extension to use Gemini as your LLM provider.

Host Permission: https://api.groq.com/*

Purpose: Required to send text to Groq's API when you configure the Extension to use Groq as your LLM provider.

Host Permission: https://openrouter.ai/*

Purpose: Required to send text to OpenRouter's API when you configure the Extension to use OpenRouter as your LLM provider.

Host Permission: https://outgrave.com/*

Purpose: Required to load the subscription purchase page and the login page during the OAuth flow.

Host Permission: https://api.outgrave.com/*

Purpose: Required to communicate with OUTGRAVE's backend API for OAuth token exchange, token refresh, and subscription verification.

Content Script: <all_urls>

Purpose: Required to display the Extension's writing assistant toolbar on websites that you have added to your domain whitelist. The Extension activates only on domains you specifically configure and does not operate on any website by default.


This Privacy Policy is effective as of June 24, 2026.