Privacy Policy
QuoteWorthy ("we", "our", "us") respects your privacy. This policy explains what we collect, how we use it, and the choices you have. It applies to our web application and the free QuoteWorthy Chrome extension.
What we collect
- Account information. Email, name, and profile image you provide at sign-up (or that your Google account provides on OAuth sign-in).
- Authentication token. After you sign in, we issue a short-lived session token. The QuoteWorthy Chrome extension caches this token locally (in chrome.storage.local) so you stay signed in across browser sessions without logging in twice. The token lives on your device and is sent to our API only to authenticate your requests.
- Digest and call-out content. The journalist digests you forward to us, the individual call-outs we extract from them, the relevance scores we calculate against your expertise profile, and the pitch drafts we generate for your matches. Your expertise profile (your credentials, proof points, and the voice you want pitches written in) is also stored so we can ground each draft in your real expertise.
- Usage metadata. Per-account digest, call-out, and draft counts (used to enforce plan limits), timestamps, the source platform a call-out came from (HARO, Qwoted, SourceBottle, Source of Sources), and your plan tier.
- Billing. Handled by Stripe on our web app. The Chrome extension never sees payment data. We do not see or store your card details.
- Login activity. When you sign in or sign out, we record the timestamp, IP address, browser user-agent, and approximate country. This helps you detect unauthorised access to your account and lets us understand product engagement in aggregate. We do not sell or share this data.
How we use it
The digests you forward and your expertise profile are sent to a third-party AI LLM provider to extract the individual call-outs, score each one against your profile, and draft a pitch for the matches worth answering. We store the extracted call-outs, their relevance scores, and the drafts so you can access them in your review queue and history. We use aggregate usage numbers (digests processed, matches surfaced, drafts created) to improve the product.
QuoteWorthy never sends a pitch to a journalist on your behalf. Every draft stops in your review queue for you to edit, save, or discard. We do not sell, rent, or share your data with third parties for advertising or profiling.
Content moderation
Before any content you submit (your expertise profile, or a draft you ask us to refine) is sent to our AI provider, we run it through a lightweight filter that rejects content falling into the categories listed in our Terms of Service (drugs, adult content, personal messaging and dating, spam and phishing, hate speech, excessive profanity) and content that is too short or vague to process meaningfully. Rejected content is never transmitted to the AI provider, never appears in your history, and does not count against your plan limit.
We do, however, keep an internal audit record of rejected submissions - the original text, the rejection category, timestamp, IP address, browser user-agent, and where it was submitted from. This is used solely to identify accounts that repeatedly attempt disallowed content so we can enforce our Terms of Service. These records are not shared with third parties.
Chrome Extension
The QuoteWorthy Chrome extension is the optional client that lets you review your matched call-outs and their drafts inside your inbox, without switching to the web app. Because browser extensions warrant an explicit data disclosure, here is exactly what it does and does not handle.
Data the extension sends to our servers:
- The call-out content you choose to review - but only when you open the QuoteWorthy review panel. No background reading, no keystroke logging.
- Your cached session token, attached as an Authorization header so our API knows which account is making the request.
Data the extension stores locally on your device (via chrome.storage.local, not transmitted anywhere):
- Your cached session token.
- Your theme preference (light or dark).
- Your button customisation (position, shape, colour) and enabled-platform toggles.
- Your popup vs side-panel preference.
Data the extension does not collect:
- Web history. Content scripts only run on the inbox and source-platform sites listed in the extension manifest, and only to show your matched call-outs and their drafts. We do not track which pages you visit, page titles, or visit timestamps.
- Location. We do not access GPS, device location, or derive geolocation from your IP beyond the approximate country recorded in the login activity log above.
- Personal communications. We do not read your wider inbox, texts, DMs, or any private conversation content. The journalist call-out content you choose to review through QuoteWorthy is treated as content you explicitly submit, not interpersonal messages.
- Financial information. The extension never handles card numbers, transactions, or credit data. All billing runs through Stripe on our web app.
- Health information. Never collected.
- Keystrokes, clicks, or mouse movement. The extension only reads the call-out content when you open the review panel.
We do not sell or transfer user data to third parties outside of approved use cases (Stripe for payments, our AI LLM provider to extract, score, and draft, a managed PostgreSQL database for data storage, and Resend for transactional email). We do not use your data for advertising, profiling, creditworthiness scoring, or any purpose unrelated to the single purpose of triaging the call-outs and drafting the pitches you choose to work on.
Your data, your control
- You can delete any call-out or draft from the History page.
- You can export your saved drafts and pitches at any time.
- You can delete your account from Settings. This removes all stored call-outs, drafts, expertise profiles, and account data.
Security
Data is stored in a managed PostgreSQL database with row-level security so only you can read your own records. Traffic is encrypted with TLS. Authentication uses short-lived session tokens.
AI provider API keys
If you add your own AI provider API key (Anthropic, OpenAI, Google, or xAI) via Settings › AI Providers, here is exactly how we handle it:
- Encrypted at rest. Your API key is encrypted with AES-256 before being written to our database. The plaintext key is never stored. We hold only the encrypted ciphertext plus the last four characters of the key so you can identify which key you saved.
- Used only for your requests. The key is decrypted in memory only at the moment your request is processed, and only to call the AI provider on your behalf. It is never logged, never exposed in API responses, and never used for any other account.
- Never shared or sold. Your key is not shared with third parties beyond the provider it belongs to (e.g. your Anthropic key is sent only to Anthropic's API endpoint during your request).
- You control deletion. You can remove your API key at any time from Settings › AI Providers. Deletion permanently removes the encrypted ciphertext from our database.
Cookies
We use essential cookies for authentication and your preferences (such as theme). Optional analytics and marketing cookies are only set after you accept them in our cookie banner, and no non-essential cookie loads before you consent. You can change or withdraw your choice at any time from our Cookie Policy page, and we honour the Global Privacy Control (GPC) browser signal. That page also lists every cookie, its purpose, and its duration.
Sub-processors
We share data with a small set of vetted sub-processors that help us run the service (hosting, database, payments, transactional email, error monitoring, and AI processing). The current list, including each vendor's purpose and data location, is published on our Security page. We do not sell your personal information.
Data Processing Agreement
Business customers can request a GDPR Art. 28 Data Processing Agreement. See how to request a DPA.
Your California privacy rights (CCPA / CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act, as amended by the CPRA.
Categories of personal information we collect. Identifiers (name, email, account ID); commercial information (subscription plan and billing handled by Stripe); internet and network activity (login activity: timestamp, IP address, user-agent, approximate country; usage metadata); and the content you submit for processing. We collect these to provide and secure the service, as described above. We do not collect sensitive personal information for the purpose of inferring characteristics, and we do not knowingly collect data from children.
We do not sell your personal information, and we do not "share" it for cross-context behavioural advertising. Analytics and marketing cookies run only with your consent. You can opt out at any time using the Do Not Sell or Share My Personal Information control on our Cookie Policy page, and we treat a Global Privacy Control signal as a valid opt-out.
Your rights. You have the right to know what personal information we hold and how we use it, the right to delete it, the right to correct it, and the right to opt out of any sale or sharing. You can exercise the rights to know and delete directly: download a copy of your data or permanently delete your account from Settings. You may also email us (see Contact below) and we will respond within the timeframes the law requires.
Non-discrimination. We will never deny you service, charge a different price, or provide a different quality of service because you exercised any of these privacy rights.
Changes to this policy
If we make material changes, we will update the date above and, for signed-in users, show a notice on your next visit.
Contact
Questions? Email privacy@quoteworthy.ai or see our Terms of Service.