AD by Toolandmore Privacy Notice

This Privacy Notice explains how Toolandmore handles personal information for the AD browser extension, the AD website at toolandmore.com, pricing and account pages, billing and refund workflows, mobile sign-in bridge pages, and related support/privacy workflows (together, the "Services").

1) Who controls this data

Toolandmore is the controller for the personal information described in this notice for the AD Services. Third-party providers such as Stripe, OpenAI, Google/Firebase, and Formspree may also process certain information under their own platform terms and privacy notices.

2) Scope of this notice

This notice applies to AD itself. It does not cover unrelated third-party websites, messaging platforms, email providers, or social networks that you may use alongside AD.

3) Categories of information we process

3.1 Account, authentication, and subscription information

• Email address, user ID, authentication provider, session state, legal acceptance status, and account timestamps.
• Plan, subscription status, usage counters, Stripe customer/subscription references, invoice/payment references, and refund/cancellation status.
• We do not store full payment card numbers; Stripe handles payment instrument data.

3.2 On-demand request content

• AD can also be used as a general AI chat assistant. In ordinary chat mode, AD responds to what you type without automatically reading visible thread context.
• The extension reads visible thread or email context only when you explicitly ask AD to draft, reply, respond, answer, compose, or follow up, when you use Snip to select the relevant text, or when you use Remember thread to save context.
• Snip currently captures readable on-screen text from the selected area by default rather than uploading a screenshot image or OCR file. If you add multiple snips before a draft request, AD may combine them for that next draft.
• Remember thread may extract or summarize important points, facts, and keywords from the visible thread or your selected text for later relevant use on that same device.
• Prompt/context content is processed transiently to generate output and run safety checks.
• AD does not continuously monitor chats, scrape full inboxes in the background, or run persistent hidden conversation surveillance.

3.3 What we do not store in Firestore as content

• We do not store your raw prompt text, raw thread text, raw snipped text, visible AD chat history, or generated draft text in our Firestore database.
• We may still process that text transiently in memory and through our AI/safety vendors to fulfill the request you made.
• Where Remember thread or other local-memory features are used, the current release stores compact summaries, facts, keywords, and preference-style notes on your device by default rather than uploading that memory to our servers.
• If we later introduce persistent memory or model-improvement features that change this content handling, we will update this notice before doing so.

3.4 Stored operational and security metadata

• Timestamp, account email/ID, plan status, mode, selected tone, status codes, policy flags, parser confidence, usage counters, and account restriction state.
• Basic device/network signals used for anti-abuse and service integrity, such as browser metadata, request origin, IP-related signals, subnet information, and device/fingerprint identifiers.
• Hashed interaction identifiers and message-length/context-length counts used for troubleshooting, fraud prevention, rate limiting, and security analytics.

3.5 Support, legal, and refund request information

• Support form submissions, privacy requests, refund reason selections, and free-text notes you choose to provide.
• Records showing whether a refund was requested, approved, denied, or already consumed under the one-time refund policy.

3.6 Browser, extension, and local device storage

• The website uses browser storage for authentication persistence, limited UI preferences, and session continuity.
• The extension uses Chrome extension storage and limited local browser storage/fallback storage for auth/session state, legal-state continuity, persistent local AD chat history, last-saved insertable draft state, and product operation.
• The extension may store encrypted local-only memory summaries, facts, remembered-thread knowledge, notes, and style hints on your device so AD can remember useful context across conversations on that same device.
• One-shot snips may be stored locally until they are used for the next draft request, replaced, or cleared.
• The current delete-chat control clears the visible AD chat history and the last saved insertable draft on that device; it does not necessarily remove remembered knowledge or all other local extension data.
• That local-only memory is designed for product functionality on your device and is not uploaded to our servers by default in the current release.
• Clearing browser or extension storage, or uninstalling the extension, may sign you out or reset/delete local preferences and local memory.

4) Where the information comes from

• Directly from you when you sign in, buy a plan, submit a request, or ask AD to generate a draft.
• From your browser, extension, or device when AD needs request context, local state, or security signals to function.
• From processors such as Stripe, Firebase/Auth, and support-form delivery tools when they confirm account, billing, or request events.

5) Why we process data

• Provide the drafting, reply assistance, AI-chat assistance, Snip handling, and remembered-thread workflows you explicitly request.
• Authenticate users, maintain sessions, enforce legal acceptance, and operate subscriptions.
• Prevent abuse, fraud, circumvention, excessive automation, and unsafe or prohibited use.
• Handle refunds, support tickets, privacy requests, disputes, and legal obligations.
• Maintain uptime, troubleshoot failures, and measure product/security health at a metadata level.

6) Legal bases we rely on (where applicable)

• Contract: to provide the Services you requested, including sign-in, plan verification, billing status, and AI generation.
• Legitimate interests: platform security, fraud prevention, service reliability, incident response, and abuse detection.
• Legal obligation: tax, accounting, consumer-protection, fraud-prevention, and lawful request handling.
• Consent: where law specifically requires consent for a given processing activity.

7) AI processing, moderation, redaction, and local memory

When you ask AD to chat, draft, or reply, or when you use Snip or Remember thread, the relevant prompt/context is sent to our AI provider and may also be checked by our moderation/safety provider. AD applies client-side confidential-pattern screening and client-side redaction patterns before transmission, but no automated screening or redaction is perfect. Where local memory is enabled, AD may also retrieve encrypted local-only summaries, remembered-thread knowledge, and preference-style notes from your device and use them transiently when relevant to the current request. In the current release, those local memory records are not stored on our servers by default.

Do not submit highly sensitive legal, medical, financial, government-ID, trade-secret, regulated, or confidential information unless you are comfortable with that risk and legally entitled to process it.

8) Sharing and processors

• OpenAI for text-generation and moderation endpoints.
• Google Firebase / Google Cloud for authentication, hosting, database, and backend infrastructure.
• Stripe for subscriptions, invoices, customer portal, and refunds.
• Formspree or similar support-form delivery tools for problem reports sent through the support page.
• Email providers used to receive support, legal, or operational notices.
• Authorities, regulators, courts, or law enforcement where legally required.

We do not sell personal information for money. We do not use AD message content for third-party advertising resale or cross-context behavioral advertising profiles.

9) International transfers

Your data may be processed in the United States and other countries where our providers operate. Where applicable, we rely on processor contractual commitments and recognized transfer mechanisms made available by those providers. Cross-border processing may be necessary to provide the Services.

10) Retention

• Account and subscription records: while your account is active and for a reasonable period after closure, plus longer where required for accounting, fraud prevention, or dispute handling.
• Prompt/thread/snipped content used for generation: processed transiently for the active request rather than stored in Firestore as message content by default.
• Chat/security metadata logs: generally short-lived and subject to automated expiration windows where configured; current operational log windows are designed to be limited rather than indefinite.
• Refund/privacy/support requests: retained as needed to resolve the request and meet legal/accounting requirements.
• Short-lived mobile auth/session bridge records: minutes rather than long-term account history.
• Local device chat history, snippets, and remembered summaries: persist on your device until used, overwritten, cleared, or removed through browser/extension storage changes.
• Where expiration fields are configured, scheduled cleanup jobs remove expired records automatically.

11) Cookies, browser storage, and extension storage

• AD pages do not currently load AdSense or third-party advertising trackers.
• The AD website uses browser storage to remember limited UI preferences and maintain authentication state.
• The AD extension uses Chrome extension storage for auth/session state and limited operational settings.
• Google/Firebase, Google sign-in, and Stripe may use cookies or similar technologies on their own domains for security, session continuity, billing, and fraud prevention.
• The AD web pages also load third-party technical resources, including Firebase SDK resources, which may involve standard request metadata such as IP address and browser details.

12) Your rights by region

12.1 EEA / UK / Switzerland / similar rights-based regimes

• Access, correction, deletion, restriction, portability, and objection rights.
• Right to withdraw consent where processing depends on consent.
• Right to complain to a supervisory authority.

12.2 California and other U.S. state privacy laws

• Rights to know/access, correct, delete, and receive portable copies of applicable personal information.
• Right to non-discrimination for exercising privacy rights.
• Right to opt out of sale/share where applicable. AD does not sell personal information for money and does not use AD message content for cross-context ad targeting.

12.3 Canada (PIPEDA and similar provincial frameworks)

• Rights to access and request correction of personal information, subject to legal limits.
• Right to withdraw consent where the processing is consent-based and where withdrawal is legally/technically possible.
• Right to complain to the Office of the Privacy Commissioner of Canada or applicable provincial authority.

12.4 Australia, Brazil, India, and other jurisdictions

Where applicable law grants additional access, correction, deletion, portability, consent-withdrawal, or complaint rights, we will honor those rights as required. Rights and timelines vary by jurisdiction.

13) How to exercise your rights

• Use authenticated in-product controls where available, including account deletion controls.
• Email data-rights, privacy, or support requests to support@toolandmore.com.
• We may verify identity and account ownership before fulfilling sensitive requests.

14) Security

We use HTTPS in transit, restricted backend/service-account access, Firestore rules, rate limiting, anti-abuse checks, scheduled cleanup jobs, operational monitoring, and encrypted local device storage for extension memory features. No system is perfectly secure. Because you control your own device and browser environment, local-only storage should not be treated as a substitute for enterprise-grade secure document systems. You should avoid submitting highly sensitive information to AD unless you are comfortable with that residual risk.

15) Automated enforcement and account restrictions

AD may apply automated policy and risk checks to detect abuse, prohibited use, suspicious activity, or attempts to bypass billing/security controls. These checks may result in throttling, verification challenges, temporary restrictions, or permanent account blocks. If you believe a restriction was applied incorrectly, contact support for review.

16) Do Not Track and similar browser signals

AD does not currently respond to browser "Do Not Track" signals with a separate technical workflow. We instead rely on the data practices and controls described in this notice.

17) Complaints and supervisory authorities

If you believe your privacy rights were not handled properly, please contact us first so we can review and respond. Depending on your jurisdiction, you may also have the right to complain to a data-protection or privacy regulator, consumer-protection authority, or other supervisory body.

18) Children and sensitive data

AD is intended for users age 18 and older. We do not knowingly provide the Services to minors. We also ask users not to submit special-category or highly sensitive personal data unless they are legally permitted to do so and accept the risks of AI processing.

19) Changes to this notice

We may update this Privacy Notice from time to time. We will post the updated version here and revise the effective date when material changes are published.

20) Contact

Privacy and data-rights requests: support@toolandmore.com

This notice is designed around the current AD product architecture. It does not promise features or protections that are not actually implemented in the code and service stack today.