Privacy Policy

Last Updated: February 4, 2026

Overview

Nexus Negotiator ("the Extension") is a Chrome browser extension that helps users analyze email threads and draft strategic responses using AI. This privacy policy explains how we handle your data.

Data We Collect

Email Content (Temporary Processing Only)

  • What: Email thread content from Gmail when you request an analysis
  • Why: To provide AI-powered negotiation insights and draft responses
  • How it's processed: Sent to our secure backend servers, which forward it to Google's Gemini API for real-time analysis
  • Storage: Email content is never permanently stored. It is processed in real-time and immediately deleted after analysis is complete

Authentication Information

  • What: Email address, name, and profile picture via Google OAuth
  • Why: To authenticate you and manage your subscription
  • Storage: Stored on our backend servers
  • Usage: Used for account management and subscription verification only

License & Subscription Data

  • What: License key, subscription tier, and purchase information
  • Why: To verify your subscription tier and enforce monthly usage limits
  • Storage:
    • Stored on our backend servers (Upstash Redis)
    • License key is also stored locally in Chrome's encrypted storage for quick access
  • Usage: Validated with each analysis request to enforce limits

Usage Statistics

  • What: Monthly analysis count and subscription tier
  • Why: To enforce usage limits based on your plan (Free: 10/month, Starter: 100/month, Pro: 500/month)
  • Storage: Tracked on our backend servers and reset monthly
  • Usage: Checked before each analysis to determine if you're within your plan limits

Local Preferences (Not Transmitted)

  • What: Settings like default negotiation mode and notification preferences
  • Why: To customize your experience
  • Storage: Stored only locally in Chrome's encrypted storage
  • Privacy Note: These preferences never leave your device

Data We DO NOT Collect or Store

  • ❌ We do not permanently store your email content (processed transiently, then immediately deleted)
  • ❌ We do not collect or require user-provided API keys
  • ❌ We do not track device IDs or send device identifiers to our servers
  • ❌ We do not have access to your Google account password
  • ❌ We do not track your browsing history (only interact with Gmail when you request analysis)
  • ❌ We do not sell, rent, or share your data with third parties for marketing
  • ❌ We do not use advertising networks or third-party analytics trackers
  • ❌ We do not store payment card information (handled securely by Stripe)

Third-Party Services

Google OAuth

  • Purpose: User authentication
  • Data Shared: Email address, name, and profile picture
  • Privacy Policy: Google's Privacy Policy

Google Gemini API

  • Purpose: AI-powered email analysis and response generation
  • Data Shared: Email content is forwarded from our backend to Gemini for real-time analysis
  • Data Retention: Google may retain data temporarily per their API terms
  • Terms: Google's AI Terms of Service

Stripe

  • Purpose: Payment processing for paid subscriptions
  • Data Shared: Stripe handles all payment information directly
  • What We Receive: Only subscription status and customer ID
  • We Do NOT Store: Credit card numbers, CVV, or other sensitive payment data
  • Privacy Policy: Stripe's Privacy Policy

Upstash Redis

  • Purpose: Backend data storage for sessions, usage tracking, and license validation
  • Data Stored: Authentication tokens, license keys, usage counts, subscription tiers
  • Privacy Policy: Upstash's Privacy Policy

Vercel

  • Purpose: Hosting our backend API
  • Data Processed: All API requests pass through Vercel's infrastructure
  • Privacy Policy: Vercel's Privacy Policy

Data Flow

Your Gmail → Extension → Our Backend (Vercel) → Gemini API → Analysis → Extension

Processing Steps:

  1. Local (Your Browser): Extension reads email thread content when you click "Analyze"
  2. Backend (Vercel): Authenticates your request, checks usage limits, forwards email to Gemini
  3. Gemini AI: Analyzes email and generates negotiation insights
  4. Return Path: Analysis results sent back to Extension for display

Critical Privacy Note: Email content is processed transiently and never archived or stored permanently.

Your Rights

You have the following rights regarding your data:

  • Revoke Authentication: Disconnect access at any time via Google Account Settings
  • Delete License Key: Remove from Extension settings at any time
  • Request Data Deletion: Contact us to delete your account and all associated data
  • Uninstall Extension: Remove all locally stored data by uninstalling from Chrome
  • Control Extension Access: Choose when the Extension runs by only opening it when needed
  • Manage Payments: Access Stripe customer portal to update payment methods or cancel subscription

Data Retention

Data TypeRetention Period
Email ContentNot retained (deleted immediately after analysis)
License & SubscriptionStored while subscription is active + 30 days after cancel
Usage StatisticsTracked monthly, historical data retained for 12 months
Authentication DataStored while account is active
Local PreferencesStored until Extension is uninstalled or storage cleared

Note: You can request full data deletion at any time by contacting us.

Security

We take security seriously and implement multiple layers of protection:

  • HTTPS Encryption: All communication between Extension and backend uses HTTPS
  • Local Storage Encryption: Chrome automatically encrypts chrome.storage.local data
  • JWT Authentication: Backend uses secure JSON Web Tokens for API authentication
  • No Password Storage: We never store your Google password (OAuth handles authentication)
  • Payment Security: Stripe handles all payment data (PCI-DSS Level 1 certified)
  • Backend Security: Upstash Redis uses encrypted connections and secure access tokens
  • No Third-Party Trackers: We do not use advertising networks or analytics services

Cancellation & Refunds

To cancel your subscription:

  1. Visit the Manage Subscription page
  2. Enter your email address to look up your license
  3. Click "Manage Subscription in Stripe"
  4. In the Stripe Customer Portal, you can cancel, update payment methods, or view invoices

When you cancel, you'll retain access until the end of your current billing period. No refunds are provided for partial months.

Children's Privacy

Nexus Negotiator is not intended for users under 13 years of age. We do not knowingly collect data from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify users of material changes by:

  • Updating the "Last Updated" date at the top of this document
  • Posting a notice in the Extension (for significant changes)
  • Sending an email notification (for changes affecting data handling)

Contact Information

For privacy-related questions, concerns, or data deletion requests:

  • Email: [your-email@example.com]
  • GitHub: [your-github-repo]

Consent

By installing and using Nexus Negotiator, you acknowledge that you have read and understood this privacy policy and consent to our data handling practices as described herein.

This privacy policy complies with Google's Chrome Web Store Developer Program Policies and applicable data protection regulations.

← Back to Home