masked.chat← Back to home

masked.chat

Privacy Policy

Last Updated: May 2026 | Effective Date: May 2026

masked.chat is built on a privacy-first principle: your personal information is detected and masked locally on your device before any content reaches AI models or our servers.

We do not have access to your unmasked personal information.

1. Introduction

This Privacy Policy ("Policy") describes how masked.chat ("Company", "masked.chat", "we", "us") collects, uses, and shares personal information of users of this website, masked.chat https://masked.chat (the "Site"), as well as associated products and services (together, the "Services"), and applies to personal information that we collect through the Site and our Services as well as personal information you provide to us directly.

Please note that by using the Site or the Services, you accept the practices and policies described in this Policy and you consent that we will collect, use, and share your personal information as described below.

If you do not agree to this Policy, please do not use the Site or the Services.

2. How Our Privacy Shield Works

Before explaining what information we collect, it is important to understand our core privacy architecture:

Local PII Detection and Masking

When you type a message, masked.chat uses a combination of context rule-based detection and a local on-device AI model to identify Personally Identifiable Information ("PII") within your input.

Detected PII is replaced with anonymized tokens before your message leaves your device.

This process is called "masking" and it happens entirely on your device.

For example, if you type "My name is John Smith and my email is john@example.com", your message is transformed to something like "My name is [PERSON_1] and my email is [EMAIL_1]" before being sent to any AI model.

The Identity Vault

The mapping between your real PII and the anonymized tokens is stored locally in an encrypted structure called your Identity Vault.

The encryption key for your Identity Vault is held only by you; masked.chat does not have access to this key or to the unmasked contents of your Vault.

Cloud Vault Sync

If you create an account, an encrypted version of your Vault is stored on our servers solely for the purpose of enabling continuity across your devices.

Because the encryption key is held only by you, the encrypted Vault stored on our servers is unreadable by masked.chat.

Cloud Vault sync is enabled by default to ensure a seamless experience across devices.

You can disable it at any time from your account settings; if disabled, your Identity Vault will not be synced across devices.

3. Personal Information We Collect

What We Do NOT Collect

Because of our local masking architecture, masked.chat does not collect, process, or store:

  • Your unmasked prompts or messages
  • The contents of your Identity Vault (we store only an encrypted, unreadable version if cloud sync is enabled)
  • Any PII that has been identified and masked by your local device

Personal Information From Users of masked.chat

When you use masked.chat, we collect the following personal information from you:

  • User content, such as your masked (tokenized) prompts and any feedback you provide
  • Information you provide to us, such as feedback on the product

Personal Information From Users of Our Website Generally

When you use our Services, we collect personal information that you provide to us, which may include the following categories depending on how you use our Services:

  • General identifiers, such as your email address and, if applicable, your third-party authentication account ID (e.g. Google Account ID)
  • Online identifiers, such as your username, and information we automatically collect through cookies and similar technologies. This may include your device's operating system type and version, browser type, screen resolution, IP address, unique device identifier, the website you visited before browsing to our Site, and general location information such as city or geographic area
  • Commercial information, such as your subscription status and billing reference token. Full payment details are handled by our third-party payment processor and are not stored by masked.chat
  • Other information you provide to us

Information We Collect Automatically

We automatically log information about you and your device when you access the Site and Services, such as device type, operating system, browser type, IP address, pages viewed, session duration, and feature usage.

This information is used solely to operate and improve the Services.

Cookies

We may log information using "cookies." Cookies are small data files stored on your hard drive by a website.

We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site.

We do not use cookies for advertising or cross-site tracking.

Analytics Information

We may use analytics tools to help analyze how users use the Site and the Services.

These analytics services use Cookies to collect information such as how often users visit the Site or use the Services, what pages they visit, and what other sites they used prior to coming to the Site.

We use the information we get from use of these analytics services only to improve our Site and the Services.

4. How We Use Your Personal Information

Generally, we may use information in the following ways:

  • To help establish and verify your identity
  • For the purposes for which you specifically provided it, including to enable us to process and fulfill your requests or provide the Services to you
  • To provide you with effective customer service
  • To send you information about your relationship or transactions with us
  • To otherwise contact you with information that we believe will be of interest to you, including marketing and promotional communications
  • To enhance or develop features, products or services

Research and development: We may use your general identifiers, online identifiers, and commercial information for research and development purposes, including to analyze and improve the Services. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We may use this anonymous data and share it with third parties for our lawful business purposes.

Training of AI Models: We do not use your personal information to train AI models.

Marketing: We may use your general identifiers and online identifiers in connection with sending you marketing communications as permitted by law. You may opt-out by following the unsubscribe instructions in any marketing email, or by emailing us at support@masked.chat.

Compliance and protection: We may use your personal information to comply with applicable laws and legal process; protect our, your and others' rights, privacy, safety and property; enforce our terms and conditions; and prevent, identify, investigate and deter fraudulent, harmful, unauthorized, or illegal activity.

5. How We Share Your Personal Information

We may disclose personal information with the following categories of third parties:

Third Party Service Providers: We may provide your personal information to third-party service providers that help us provide the Services, including cloud hosting providers, payment processors, authentication providers, and analytics providers. Due to our local masking architecture, the personal information shared with these providers is limited to account and operational data (such as email address, subscription status, and anonymized usage metrics) and never includes the contents of your conversations or Identity Vault. These providers are contractually obligated to process your information only for the purposes we specify.

AI Model Providers: We route your masked (tokenized) messages to third-party AI model providers that you select. Because masking occurs before transmission, these providers receive only anonymized content and do not have access to your PII. A current list of supported providers is available in the Services. By selecting a particular AI model, you acknowledge that your masked messages are transmitted to and processed by that provider under their own terms and privacy policies.

Professional Advisors: We may provide your personal information to our lawyers, accountants, bankers and other outside professional advisors in the course of the services they provide to us.

Corporate Restructuring: We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction involving the sale, transfer, or disclosure of all or a portion of our business or assets. For clarity, any personal information transferred in such a transaction does not include the contents of your Identity Vault, which remain technically inaccessible to masked.chat as we do not hold the decryption key. If another company acquires our business or assets, that company will assume the rights and obligations regarding your personal information as described in this Privacy Policy.

Other Disclosures: We may disclose your personal information if we believe in good faith that such disclosure is necessary to comply with relevant laws or to respond to subpoenas or warrants; to protect or defend the rights or property of masked.chat or users of the Services; or to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our terms of service.

We do not sell your personal information.

Third Party Websites: Our Site or the Services may contain links to third party websites or services. We have no control over, do not review, and cannot be responsible for these outside websites or their content, or any collection of your personal information after you click on links to such outside websites. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, websites or privacy practices.

6. Your Choices Regarding Your Personal Information

Email Communications: We may periodically send you newsletters and e-mails that directly promote the use of our Site or Services. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly. Despite your indicated e-mail preferences, we may send you service-related communications, including notices of any updates to our Privacy Policy or terms of service.

Cookies: If you decide at any time that you no longer wish to accept cookies from our Site, you can instruct your browser to stop accepting cookies or to prompt you before accepting a cookie. If you do not accept cookies, you may not be able to use all portions of the Site or all functionality of the Services. If you have any questions about how to disable or modify cookies, visit https://www.allaboutcookies.org/.

Cloud Vault Sync: You may disable cloud syncing of your Identity Vault at any time from your account settings.

7. Security of Your Personal Information

masked.chat is committed to protecting the security of your personal information.

We use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure.

The encrypted Identity Vault stored on our servers is protected by end-to-end encryption; masked.chat cannot access its contents.

No method of transmission over the internet, or method of electronic storage, is 100% secure.

Therefore, while we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security.

8. International Users

masked.chat is operated from Canada and governed by Canadian privacy law.

Your information may be transferred to and processed in other countries, including the United States, where our service providers operate.

By using the Services, you acknowledge this.

9. Children

Our Site and the Services are not intended for individuals under 16 years of age, and you must be at least 16 years old to use the Services.

We do not knowingly collect, use, or disclose personally identifiable information from anyone under 16. If you believe that we have collected, used, or disclosed personally identifiable information of a person under the age of 16, please contact us using the contact information below so that we can take appropriate action.

10. Do Not Track

We currently do not support the Do Not Track browser setting or respond to Do Not Track signals.

For more details about Do Not Track, including how to enable or disable this preference, visit https://www.allaboutdnt.com.

11. Canadian Privacy Laws

masked.chat complies with PIPEDA and applicable provincial privacy legislation, including Quebec's Law 25. For privacy inquiries, contact our Privacy Officer at privacy@masked.chat.

12. Updates to This Privacy Policy

We reserve the right to change this Privacy Policy at any time.

If we make any material changes to this Privacy Policy, we will post the revised version to our website and update the "Effective Date" at the top of this Privacy Policy.

Except as otherwise indicated, any changes will become effective when we post the revised Privacy Policy on our website.

13. Contact Us

Our contact information is as follows:

masked.chat Email: privacy@masked.chat Website: https://masked.chat