3. Personal Information We Collect
What We Do NOT Collect
Because of our local masking architecture, masked.chat does not collect, process, or store:
- Your unmasked prompts or messages
- The contents of your Identity Vault (we store only an encrypted, unreadable version if cloud sync is enabled)
- Any PII that has been identified and masked by your local device
Personal Information From Users of masked.chat
When you use masked.chat, we collect the following personal information from you:
- User content, such as your masked (tokenized) prompts and any feedback you provide
- Information you provide to us, such as feedback on the product
Personal Information From Users of Our Website Generally
When you use our Services, we collect personal information that you provide to us, which may include the following categories depending on how you use our Services:
- General identifiers, such as your email address and, if applicable, your third-party authentication account ID (e.g. Google Account ID)
- Online identifiers, such as your username, and information we automatically collect through cookies and similar technologies. This may include your device's operating system type and version, browser type, screen resolution, IP address, unique device identifier, the website you visited before browsing to our Site, and general location information such as city or geographic area
- Commercial information, such as your subscription status and billing reference token. Full payment details are handled by our third-party payment processor and are not stored by masked.chat
- Other information you provide to us
Information We Collect Automatically
We automatically log information about you and your device when you access the Site and Services, such as device type, operating system, browser type, IP address, pages viewed, session duration, and feature usage.
This information is used solely to operate and improve the Services.
Cookies
We may log information using "cookies." Cookies are small data files stored on your hard drive by a website.
We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site.
We do not use cookies for advertising or cross-site tracking.
Analytics Information
We may use analytics tools to help analyze how users use the Site and the Services.
These analytics services use Cookies to collect information such as how often users visit the Site or use the Services, what pages they visit, and what other sites they used prior to coming to the Site.
We use the information we get from use of these analytics services only to improve our Site and the Services.
4. How We Use Your Personal Information
Generally, we may use information in the following ways:
- To help establish and verify your identity
- For the purposes for which you specifically provided it, including to enable us to process and fulfill your requests or provide the Services to you
- To provide you with effective customer service
- To send you information about your relationship or transactions with us
- To otherwise contact you with information that we believe will be of interest to you, including marketing and promotional communications
- To enhance or develop features, products or services
Research and development: We may use your general identifiers, online identifiers, and commercial information for research and development purposes, including to analyze and improve the Services. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We may use this anonymous data and share it with third parties for our lawful business purposes.
Training of AI Models: We do not use your personal information to train AI models.
Marketing: We may use your general identifiers and online identifiers in connection with sending you marketing communications as permitted by law. You may opt-out by following the unsubscribe instructions in any marketing email, or by emailing us at support@masked.chat.
Compliance and protection: We may use your personal information to comply with applicable laws and legal process; protect our, your and others' rights, privacy, safety and property; enforce our terms and conditions; and prevent, identify, investigate and deter fraudulent, harmful, unauthorized, or illegal activity.
5. How We Share Your Personal Information
We may disclose personal information with the following categories of third parties:
Third Party Service Providers: We may provide your personal information to third-party service providers that help us provide the Services, including cloud hosting providers, payment processors, authentication providers, and analytics providers. Due to our local masking architecture, the personal information shared with these providers is limited to account and operational data (such as email address, subscription status, and anonymized usage metrics) and never includes the contents of your conversations or Identity Vault. These providers are contractually obligated to process your information only for the purposes we specify.
AI Model Providers: We route your masked (tokenized) messages to third-party AI model providers that you select. Because masking occurs before transmission, these providers receive only anonymized content and do not have access to your PII. A current list of supported providers is available in the Services. By selecting a particular AI model, you acknowledge that your masked messages are transmitted to and processed by that provider under their own terms and privacy policies.
Professional Advisors: We may provide your personal information to our lawyers, accountants, bankers and other outside professional advisors in the course of the services they provide to us.
Corporate Restructuring: We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction involving the sale, transfer, or disclosure of all or a portion of our business or assets. For clarity, any personal information transferred in such a transaction does not include the contents of your Identity Vault, which remain technically inaccessible to masked.chat as we do not hold the decryption key. If another company acquires our business or assets, that company will assume the rights and obligations regarding your personal information as described in this Privacy Policy.
Other Disclosures: We may disclose your personal information if we believe in good faith that such disclosure is necessary to comply with relevant laws or to respond to subpoenas or warrants; to protect or defend the rights or property of masked.chat or users of the Services; or to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or our terms of service.
We do not sell your personal information.
Third Party Websites: Our Site or the Services may contain links to third party websites or services. We have no control over, do not review, and cannot be responsible for these outside websites or their content, or any collection of your personal information after you click on links to such outside websites. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, websites or privacy practices.