Privacy Policy

HumanizeThisAI ("we," "our," or "us") operates the website humanizethisai.com and related services (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using the Service, you consent to the data practices described in this policy.

1. Information We Collect

1.1 Information You Provide

• Account Information: When you create an account via Google OAuth, we receive your name, email address, and profile picture from Google.
• Payment Information: Payment processing is handled by Stripe. We store your Stripe customer ID and subscription status but do not store full credit card numbers on our servers.
• Support Communications: Content you submit through our support ticket system, feature request board, or direct email correspondence.
• Text Content: Text submitted for humanization is processed in real-time and is not stored on our servers after processing. See Section 4 for details.

1.2 Information Collected Automatically

• IP Address: Collected for security, fraud prevention, and approximate geolocation purposes.
• Country and City: Derived from your IP address for analytics and localization.
• Browser and Device Information: Browser type, operating system, device type, screen resolution, and language settings.
• Referring URL: The page you visited before arriving at our Service.
• Usage Data: Pages visited, features used, time on platform, interactions, and click events via PostHog analytics.
• Device Fingerprint: For fraud prevention and free tier abuse detection, we collect a device fingerprint composed of:
  • Canvas rendering characteristics
  • WebGL renderer and vendor data
  • Audio context properties
  • Installed font detection
  • Screen properties (resolution, color depth, pixel depth)
  • Timezone and language settings
  • Platform, hardware concurrency, and device memory
  • Touch support capability and Do Not Track setting

  This fingerprint is stored as a cryptographic hash and cannot be reverse-engineered to identify you personally. It is used solely to detect multi-account abuse and enforce free tier limits.

1.3 Information from Third Parties

• Google: Name, email address, and profile picture via Google OAuth.
• Stripe: Payment status, subscription events, and transaction metadata.
• Referral Data: If you were referred by another user, we record the referral relationship.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process payments and manage subscriptions
• Prevent fraud, abuse, and unauthorized access
• Enforce free tier usage limits using device fingerprinting
• Send transactional emails (receipts, usage alerts, subscription updates, support replies)
• Analyze usage patterns to improve user experience (PostHog analytics)
• Respond to support inquiries and feature requests
• Detect and address technical issues
• Comply with legal obligations

3. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share information only in the following circumstances:

• Service Providers: Third-party providers who assist in operating the Service, listed in Section 6 below.
• Legal Requirements: If required by law, court order, or governmental authority, or to protect our rights, safety, or property.
• Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction.
• Fraud Prevention: We may share device fingerprint data and IP information with fraud prevention services to detect and prevent abuse.

4. Text Processing and Data Retention

4.1 Text Processing

4.2 Data Retention Timelines

5. Cookies, Tracking, and Local Storage

5.1 Cookies We Set

5.2 Local Storage

We use browser localStorage and sessionStorage for the following purposes:

• htai_fp / htai_fp_ts — Fingerprint backup and timestamp
• htai_free_used / htai_free_used_ts — Free trial usage flag and timestamp
• humanize_pending_text — Temporarily stores text during checkout flow (cleared after use)
• humanize_auto_trigger — Auto-humanize flag after checkout (cleared after use)

5.3 Third-Party Analytics

We use PostHog for product analytics. PostHog may set its own cookies and collect data about your interactions with the Service. For more information, see PostHog's Privacy Policy.

5.4 Do Not Track

We currently do not alter our data collection practices in response to Do Not Track browser signals. We do detect the Do Not Track setting as one component of device fingerprinting for fraud prevention purposes.

6. Third-Party Service Providers

We use the following third-party services to operate the Service:

Each provider processes data under their own privacy policies and is bound by applicable data processing obligations.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit using TLS/SSL
• Encryption of data at rest via our infrastructure providers (Supabase, Stripe)
• Secure authentication through OAuth 2.0 (no password storage)
• Row-level security policies in our database
• Regular security reviews and monitoring

No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Your Rights and Choices

8.1 All Users

Regardless of your location, you have the right to:

• Access the personal information we hold about you
• Correct inaccurate or incomplete information
• Delete your account and associated personal data
• Export your data in a portable format (JSON)
• Opt out of marketing and broadcast emails
• Control cookies via your browser settings

8.2 Exercising Your Rights

To exercise any of these rights, email us at support@humanizethisai.com. We will respond within 30 days. We may verify your identity before processing requests to protect your privacy.

9. GDPR Compliance (EEA Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR).

Legal Bases for Processing

• Contract Performance: Processing necessary to provide the Service you have requested (account management, payment processing, text processing).
• Legitimate Interests: Fraud prevention, security, service improvement, and analytics — where our interests do not override your fundamental rights.
• Consent: Where required, such as for certain marketing communications.

Additional EEA Rights

• Right to object to processing based on legitimate interests
• Right to restrict processing of your personal data
• Right to lodge a complaint with your local supervisory authority

For GDPR-related inquiries, contact support@humanizethisai.comwith "GDPR Request" in the subject line. Where applicable, international data transfers are conducted pursuant to Standard Contractual Clauses or other appropriate safeguards.

10. CCPA/CPRA Compliance (California Residents)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Categories of Personal Information Collected

• Identifiers: Name, email address, IP address, device fingerprint hash
• Commercial Information: Subscription details, payment history, word credit usage
• Internet Activity: Pages visited, features used, interaction data
• Geolocation: Country and city (derived from IP)

Your California Rights

• Right to Know: What personal information we collect, use, and share
• Right to Delete: Request deletion of your personal information
• Right to Correct: Request correction of inaccurate information
• Right to Opt-Out of Sale: We do not sell or share personal information for cross-context behavioral advertising
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise your California rights, email support@humanizethisai.comwith "CCPA Request" in the subject line. We will respond within 45 days.

11. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. These countries may have different data protection laws than your country of residence.

For users in the EEA/UK, such transfers are conducted pursuant to Standard Contractual Clauses or other appropriate safeguards recognized under applicable data protection law. By using the Service, you acknowledge and consent to the transfer of your information as described in this policy.

12. Children's Privacy

Our Service is not intended for individuals under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at support@humanizethisai.com.

13. Automated Decision-Making

We use automated processing, including device fingerprinting, to make decisions about free tier access and fraud prevention. These automated decisions may affect your ability to create accounts or access certain features.

If you believe an automated decision has affected you unfairly, you may request human review by contacting support@humanizethisai.com.

14. Chrome Extension

Our Chrome extension ("HumanizeThisAI - AI Text Humanizer") provides access to our humanization service directly from your browser. This section describes additional data practices specific to the extension.

14.1 Data Collected by the Extension

• Authentication tokens: Stored locally in chrome.storage.local to maintain your session. Tokens are never transmitted to any third party.
• Text you submit: Text you explicitly choose to humanize is sent to our servers for processing. It is not stored or logged (see Section 4).
• Selected text: When you use the right-click menu, keyboard shortcut, or import feature, the extension reads your selected text. This text stays local on your device until you explicitly click "Humanize."
• Usage preferences: Theme, default mode, and tone preferences are stored locally on your device.

14.2 Permissions

• cookies: Used to read your HumanizeThisAI session cookie so you don't need to sign in separately.
• storage: Used to cache your session, profile, and preferences locally.
• activeTab & scripting: Used only when you explicitly trigger text import (via right-click, keyboard shortcut, or import button) to read your selected text from the current page.
• alarms: Used to schedule automatic token refresh to keep your session active.

14.3 Data the Extension Does NOT Collect

• Browsing history or page content (beyond text you explicitly select)
• Keystrokes or form inputs
• Data from other extensions
• Any data when the extension is not actively being used

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page, updating the "Last updated" date, and where practicable, sending a notification to your email address. Your continued use of the Service after changes take effect constitutes your acceptance of the updated policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: