ByteThirst Privacy Policy

Last updated: February 15, 2026 · Version 1.0

ByteThirst is a Chrome extension that estimates the environmental impact of your AI usage. We are fundamentally committed to your privacy:

We NEVER collect, store, or transmit your AI conversation content — not your prompts, not the responses, not even what topics you discuss.
Free tier users make zero network calls (with one exception: an optional public API call to display the community donation counter, which transmits no user data).
Even premium users: we only transmit your email address and subscription status. Never your usage data.

What We Collect

Data stored locally on your device (chrome.storage.local):

Platform identifier (e.g., ChatGPT, Claude, Gemini, Copilot, Perplexity)
Estimated input and output token counts per interaction
Model tier (e.g., "standard", "large", "reasoning")
Date of interaction (YYYY-MM-DD format only — no time of day)
Daily query count per platform
Aggregated daily environmental impact estimates (water, energy, CO₂)
User preferences (unit system, display mode)
Achievement badge progress
Social card generation count (for rate limiting)

This data NEVER leaves your device. It is stored in Chrome's local extension storage and is not accessible to any website, server, or third party.

Data transmitted for premium subscribers only:

Email address (via Google Sign-In) — used for account creation and subscription management
Subscription status — synced between your device and our server (Firebase/Google Cloud) to verify premium access

Premium network calls are limited to:

Firebase Authentication (Google Sign-In, one-time on upgrade)
Stripe payment processing (one-time on upgrade, managed by Stripe's PCI-compliant infrastructure)
Firestore subscription status verification (on extension popup open, maximum once per 24 hours)
Stripe Customer Portal (when you click "Manage Subscription")

Beta Signup & Email Communications

When you sign up for the ByteThirst beta on our website, we collect:

Email address — stored in Firebase (Google Cloud) Firestore
Optional survey responses — whether you are a power user and whether you would share impact cards (stored alongside your email)
Signup timestamp — generated server-side

How we use your email

We use your email address exclusively for:

Beta access confirmation and onboarding
Product launch announcements
New feature updates
Donation impact reports

We will never sell, share, or provide your email address to third parties for marketing purposes.

Lawful basis (GDPR)

Our lawful basis for processing your email is consent, given when you submit the beta signup form. You may withdraw consent at any time by clicking the unsubscribe link in any email or by contacting hello@bytethirst.com.

Email data retention

Beta signup emails are retained until you unsubscribe or request deletion. Upon unsubscribe or deletion request, your email and associated data are permanently removed from our database within 30 days.

What We NEVER Collect

Under any circumstance, ByteThirst never collects, stores, processes, or transmits:

Your AI conversations, prompts, or responses (we structurally cannot — the extension only reads DOM metadata like model selector labels, never conversation content)
Per-query records on any server (all usage data stays in local storage)
Exact timestamps of your AI usage (we store only the date, never the time)
URLs you visit (the extension activates only on supported AI platform domains)
Browsing history or activity outside of supported AI platforms
Browser fingerprinting data (canvas fingerprints, WebGL hashes, audio context data, etc.)
Cookies or tracking identifiers from any source
Content of files you upload to AI platforms
IP addresses (our servers never log request IPs; Firebase and Stripe may process IPs under their own privacy policies)

Third-Party Services (Premium Tier Only)

Firebase (Google Cloud)

We use Firebase Authentication for Google Sign-In and Cloud Firestore to store your subscription status. Firebase processes your email address and a unique user identifier. Firebase's data handling is governed by Google's Privacy Policy. Our Firestore database contains only your email, subscription tier, and subscription expiration date — no usage data.

Stripe

Payment processing is handled entirely by Stripe. ByteThirst never sees, stores, or has access to your credit card number, bank account details, or full payment information. Stripe is PCI DSS Level 1 certified. Stripe's data handling is governed by Stripe's Privacy Policy.

water.org

30% of premium subscription revenue is donated to water.org. We share no user data with water.org. Donation amounts are transferred as aggregate lump sums with no individual subscriber information attached.

Data Retention

Local usage data: Automatically pruned after 90 days. You can manually clear all local data at any time from the extension's settings panel.
Premium account data: Your email and subscription status are retained in Firestore for the duration of your subscription. Upon cancellation, account records are deleted within 30 days of subscription expiration.
Payment data: Retained by Stripe according to their data retention policies and applicable financial regulations. ByteThirst does not independently store any payment data.

Your Rights

For all users

View all stored data directly in Chrome's extension storage (accessible via the extension's settings panel)
Export your local data as a JSON file at any time
Delete all local data with one click in the extension's settings panel
Uninstall the extension at any time, which removes all locally stored data

For premium subscribers

Request a copy of all server-side data associated with your account by emailing hello@bytethirst.com
Request deletion of all server-side data by emailing hello@bytethirst.com (processed within 30 days)
Cancel your subscription at any time via the Stripe Customer Portal

GDPR (EU users)

If you are located in the European Economic Area, you have additional rights under the General Data Protection Regulation, including the right to access, rectify, port, and erase your personal data, as well as the right to restrict or object to processing. Our lawful basis for processing premium subscriber data is contractual necessity (to provide the subscription service you purchased). To exercise any GDPR right, contact hello@bytethirst.com. We will respond within 30 days.

CCPA (California users)

If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of its sale. We do not sell personal information to any third party. To exercise your CCPA rights, contact hello@bytethirst.com.

Children's Privacy

ByteThirst is not intended for users under 13 years of age. We do not knowingly collect data from children.

Changes to This Policy

We will update this page when our privacy practices change. Material changes will be announced via the extension's update notes in the Chrome Web Store.

Contact

For privacy questions or data requests: hello@bytethirst.com