# Privacy-Policy-GFG-Buddy Privacy Policy for RAG Assistant Chrome Extension Last Updated: October 29, 2025 This Privacy Policy describes how the "GFG Buddy" Chrome Extension ("the Extension") handles information. Our primary goal is to provide a helpful tool while ensuring user privacy and data security, especially concerning your Gemini API Key. We do NOT collect, store, or transmit any personally identifiable information (PII) or sensitive user data. 1. Information We Access To function, the Extension requires access to the following: Active Tab Content: When you interact with the Extension on a GeeksforGeeks page, it extracts the visible text content from that specific page. This content is temporarily used for generating context-aware answers to your questions. We do not store this content permanently on our servers or in any database. Your Gemini API Key: The Extension requires you to provide your own Google Gemini API Key. This key is used to authenticate requests to Google's Generative AI services (for embeddings and language model inference). 2. How Your Gemini API Key is Handled The security and privacy of your API Key are paramount: Local Storage Only: Your Gemini API Key is stored only within your local Chrome browser storage (chrome.storage.local). This storage is isolated to your browser profile and is not accessible by other websites. Not Transmitted to Our Servers (Directly): Your API Key is never stored on or transmitted through any servers operated by us (the Extension developers). Direct Transmission to Google: When you ask a question, your API Key is securely sent directly from your Chrome Extension to the FastAPI backend (which you run locally or on your own server, not ours). The backend then uses this key to make authenticated requests directly to Google's Generative AI services. This means your API Key is ultimately used to authenticate with Google, not with any intermediate service controlled by us. Zero-Cost for Developer: This architecture ensures that all computational costs associated with using the Gemini API are attributed directly to your Google Cloud project via your API Key. The Extension developers incur no costs from your usage. Responsibility for Key Security: You are responsible for the security of your Gemini API Key. Please treat it as sensitive information and do not share it with unauthorized parties. 3. How We Use Information To Answer Your Questions: The extracted webpage content and your Gemini API Key are used solely to facilitate the Retrieval-Augmented Generation (RAG) process, allowing the AI to answer your questions based on the current page's context. Caching for Performance: For subsequent questions on the same webpage, the processed content (e.g., vector embeddings) may be temporarily cached in the backend server's memory. This cache is tied to the current browser tab and has a short Time-To-Live (TTL), meaning it is automatically deleted after a period of inactivity. This is purely for performance optimization during your active browsing session and does not involve persistent storage of your data. 4. Third-Party Services The Extension relies on the following third-party services: Google's Generative AI API: For all AI model inferences (embeddings and generation). Your API Key authenticates your usage with Google. Please refer to Google's own privacy policies and terms of service regarding their API usage. FastAPI Backend: This is a component that you run yourself (either locally or on your own deployed server). The Extension communicates with this backend. The developers of this Extension do not operate this backend as a service for users. 5. Data Retention User Content: Webpage content is processed in real-time and is not persistently stored by the Extension or by us. API Key: Your Gemini API Key is stored locally in your browser until you clear your browser data or uninstall the Extension. Backend Cache: Temporary vector store caches on your backend server are purged after a period of inactivity. 6. Children's Privacy The Extension is not intended for use by children under the age of 13, and we do not knowingly collect any information from children under 13. 7. Changes to This Privacy Policy We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. 8. Contact Us If you have any questions or suggestions about our Privacy Policy, please contact us by opening an issue on our GitHub repository: [[Link to your GitHub repository's Issues page]](https://github.com/Adwait-Borate/Privacy-Plicy-GFG-Buddy/issues)