PRIVACY POLICY -- THOUGHT TIDY Effective date: 2026-05-25 Last updated: 2026-06-11 Contact: northpandalabs@gmail.com ------------------------------------------------------------------------ WHO WE ARE Thought Tidy is an AI writing assistant browser extension and desktop application developed by NorthPanda Labs, a product of Panda Automation LLC. Source code: https://github.com/northpandalabs/Thought-Tidy ------------------------------------------------------------------------ THE SHORT VERSION We do not collect, store, or transmit your personal data or your text to our servers -- because we don't have any servers. Your text goes directly from your device to whichever AI provider you configured (OpenAI, Anthropic, Google, or local Ollama). We never see it. ------------------------------------------------------------------------ WHAT DATA IS INVOLVED AND WHERE IT GOES 1. Text you process When you run an action (Fix Spelling & Grammar, Improve Writing, Make Professional, Brain Dump -> Clear Text, Idea -> Prompt, Sound Like Me, Sound Human, Make Formal, Make Casual, Shorten, Expand, or any custom prompt you create), your text is sent directly from your device to the AI provider you have configured. It passes through no Thought Tidy server. We cannot see it, log it, or access it. When you request multiple suggestions (up to 4 variants), each variant is a separate request to the same provider under the same conditions. No additional data is collected. Ollama runs entirely on your own machine -- no text leaves your device at all when using Ollama. 2. API keys Your AI provider API keys are stored locally on your device only, encrypted: - Desktop app: encrypted in your OS credential store (Windows Data Protection API / macOS Keychain / Linux Secret Service) - Browser extension: encrypted with AES-256-GCM using a key stored in browser local storage API keys never leave your device except to authenticate with their respective AI provider. 3. Pro license verification When you activate a Pro license, your email address and license key are sent to Gumroad's API solely to verify validity. This is not stored on our servers. After verification, both are stored locally on your device only. Gumroad's privacy policy: https://gumroad.com/privacy 4. Usage history Every action you run is logged locally: timestamp, action name, provider, model, input/output text, token counts, and estimated cost. Stored on your device only, never transmitted. You can clear it from Settings at any time, or protect it with an optional PIN (SHA-256 hash stored locally -- the raw PIN is never saved). Free tier stores today's history only; Pro tier stores full all-time history. 5. Profile data (Sound Like Me) Your name, role, writing style, and personal context are stored locally only. This data is included in prompts sent to your AI provider when using profile-based actions (Sound Like Me, Inject into every prompt). It is not sent to us. If you load a profile from a URL or GitHub Gist, that URL is accessed directly from your device. No request is routed through our servers. 6. Export / Import backup (.ttbackup) Pro users may export their full configuration as a .ttbackup file. This file is saved directly to your device via a browser/OS file-save dialog. The file contains: - AI provider entries and API keys (encrypted with PBKDF2 + AES-256-GCM) - Your profile (name, role, writing style, personal context) - Custom prompt actions - Full history (if Pro history is enabled) - All settings This file is created and stored entirely on your device. We never receive, transmit, or have access to .ttbackup files. Importing a .ttbackup file restores your settings directly from your local file -- no server involved. 7. Grammar sanitizer The grammar sanitizer (Pro) post-processes AI output locally before it is shown to you. No additional network requests are made; this processing happens entirely in your browser or desktop app. 8. Settings sync (extension + desktop) When both the extension and desktop app run simultaneously, settings sync over 127.0.0.1 (loopback only). This never leaves your machine and is protected by a random per-session token. 9. Custom prompts Custom prompt actions you create are stored locally only. When you run a custom action, your text plus your custom prompt text is sent directly to your configured AI provider. We never see custom prompt contents. ------------------------------------------------------------------------ WHAT WE DO NOT COLLECT - No analytics or usage statistics - No crash reports or error logs - No feature tracking - No cookies - No third-party tracking or advertising SDKs - No user accounts required for the free tier - No telemetry of any kind ------------------------------------------------------------------------ THIRD-PARTY SERVICES OpenAI -- AI processing (if configured) -- https://openai.com/privacy Anthropic -- AI processing (if configured) -- https://www.anthropic.com/privacy Google -- AI processing (if configured) -- https://policies.google.com/privacy Ollama -- Local AI, no data leaves device -- N/A Gumroad -- Payments and license checks -- https://gumroad.com/privacy GitHub -- Source code hosting -- https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement We are not responsible for the data practices of these services. ------------------------------------------------------------------------ CHILDREN'S PRIVACY Thought Tidy is not directed at children under 13. We do not knowingly collect personal information from children. ------------------------------------------------------------------------ YOUR RIGHTS We hold no personal data on any server. To remove all locally stored data: - Extension: Clear the extension's storage via your browser's extension management page, or uninstall the extension. - Desktop app: Uninstalling removes all locally stored settings and history. - .ttbackup files: Delete any exported backup files from your device. For data held by Gumroad related to a purchase, contact Gumroad directly. ------------------------------------------------------------------------ DATA SECURITY All sensitive local data (API keys, license credentials) is encrypted. API keys use AES-256-GCM on the extension and OS-level credential stores on the desktop. Exported .ttbackup files encrypt API keys using PBKDF2 key derivation and AES-256-GCM. No sensitive data is stored or exported in plaintext. ------------------------------------------------------------------------ CHANGES TO THIS POLICY We will update the effective date when changes are made. Material changes will be noted in release notes. Continued use after an update constitutes acceptance of the updated policy. ------------------------------------------------------------------------ CONTACT Questions: northpandalabs@gmail.com