Privacy Policy

AceRecall is a Chrome extension that helps users capture and review multiple-choice study questions from supported learning websites.

Scope

This policy applies to the AceRecall Chrome extension and its AI backend service.

Supported Websites

AceRecall runs only on these domains:

• https://app.aceable.com/*
• https://app.idrivesafely.com/*
• https://app.driversed.com/*
• https://app.aarpdriversafety.org/*

Data We Process

AceRecall processes the following categories of data:

1. Website content

• Multiple-choice question text
• Answer choices
• Related learning text needed to build review content

2. Web history data (limited)

• Page URL (`sourceUrl`) for captured questions on supported domains
• Capture/review timestamps associated with saved study items

3. Extension settings and state

• Preferences such as AI enabled/disabled, privacy mode, overlay mode, and per-site toggles
• Study state such as review schedule, streaks, glossary, flashcards, and AI request status

How We Use Data

We use data only to provide the extension's single purpose: capturing study questions and helping users review them later.

Specifically, data is used to:

• Detect and save eligible multiple-choice questions
• Build and run side-panel review drills
• Generate glossary terms and flashcards
• Request AI answer/glossary results when AI is enabled
• Let users export their own study data (JSON/CSV)

AI Processing and Third-Party Services

When AI is enabled, AceRecall sends minimal question payloads to the AceRecall backend:

• Endpoint host: https://ace-recall-production.up.railway.app
• Payload examples: question text, answer choices, generated question ID, and non-identifying metadata

The backend may send necessary prompt content to OpenAI to generate AI outputs. We do not send account passwords or payment data as part of this workflow.

Data Storage

• Primary storage is on-device in `chrome.storage.local` and IndexedDB.
• Question content is encrypted before persistence in local storage.
• AI cache and review metadata are stored locally to improve user experience.

Data Sharing

We do not sell user data.

We share data only in these cases:

• With service providers needed to operate core AI functionality (AceRecall backend and OpenAI via backend)
• When required by law, legal process, or to protect rights/safety
• When the user explicitly exports data

What We Do Not Collect

AceRecall is not designed to collect:

• Passwords or authentication credentials
• Health data
• Financial/payment card data
• Personal communications (email/SMS/chat content)
• Precise location data
• Keystroke logging

Permissions Rationale

AceRecall requests only permissions needed for its single purpose:

• `storage`: save study content, schedules, settings, and AI state locally
• `sidePanel`: provide the review workspace UI
• Host permissions on supported learning domains: capture eligible study content
• Host permission for AceRecall backend domain: send AI requests required for core behavior

User Controls

Users can:

• Enable/disable AceRecall per supported site
• Enable/disable AI
• Enable privacy mode to reduce local persistence behavior
• Clear all AceRecall data from local storage
• Export saved data to JSON/CSV

Data Retention

• Locally stored data remains until the user clears it or uninstalls the extension.
• Server-side retention for AI requests is limited to what is operationally necessary for reliability, abuse prevention, and debugging.

Children's Privacy

AceRecall is not directed to children under 13.

Policy Changes

We may update this policy as features or legal requirements change. Updated versions will be posted with a new "Last updated" date.

Contact

For privacy questions or requests, contact: acerecall.business@proton.me