Privacy Policy

1. Who We Are

DropScribe ("we", "our", "us") is an AI-powered product description generator for Shopify and WooCommerce store owners. This Privacy Policy explains what data we collect, how we use it, and your rights over it.

For questions, contact us at: privacy@dropscribe.app

2. Data We Collect

Account Data

When you create an account we collect your email address and a hashed password. If you sign up with Google, we receive your name and email from Google.

Usage Data

We store the product descriptions you generate (your inputs and the AI outputs) so you can access your history. We also record how many generations you have used each month to enforce plan limits.

Billing Data

Payments are processed by Dodo Payments. We never store your card number, CVV, or full payment details. We only store your Dodo Payments customer ID and your credit balance (number of generations purchased and remaining).

Technical Data

We collect standard server logs including IP address, browser type, and pages visited. These are used for security monitoring and debugging only.

3. How We Use Your Data

• ✦To provide the DropScribe service — generating and storing your product descriptions.
• ✦To enforce credit limits and manage your credit balance.
• ✦To send transactional emails (welcome, billing receipts, payment failures).
• ✦To respond to support requests.
• ✦To monitor for abuse and maintain security.
• ✦To improve the product using aggregated, anonymised usage patterns.

We do not sell your data. We do not use your product descriptions to train AI models. We do not share your data with advertisers.

4. Third-Party Services

We use the following third-party services to operate DropScribe:

5. Data Retention

Free accounts: Generation history is retained for 30 days.

Paid accounts (credit pack holders): Generation history is retained for 90 days while your account is active.

If you delete your account, all your data — profile, history, and preferences — is permanently deleted within 30 days.

6. Your Rights

Depending on your location, you may have the following rights:

• ✓Access — request a copy of the personal data we hold about you.
• ✓Correction — ask us to correct inaccurate data.
• ✓Deletion — request that we delete your account and all associated data.
• ✓Portability — request your data in a machine-readable format.
• ✓Objection — object to certain types of processing.

To exercise any of these rights, email privacy@dropscribe.app. We will respond within 30 days.

7. Cookies

We use a single authentication cookie set by Supabase to keep you logged in. We do not use advertising cookies or third-party tracking cookies. You can clear cookies at any time through your browser settings, which will log you out.

8. Security

All data is transmitted over HTTPS. Passwords are hashed and never stored in plain text. We use Row Level Security in our database so users can only access their own data. API keys are stored as environment variables and never exposed to the frontend.

9. Chrome Extension

The DropScribe Chrome extension operates only on AliExpress product pages (*.aliexpress.com/*). This section explains what the extension accesses, stores, and transmits.

Permissions the extension requests

• ✦Host permission (*.aliexpress.com/*) — allows the extension to read the content of AliExpress product pages you are already viewing. It does not access any other website.
• ✦Storage (chrome.storage.local) — used to store your authentication token, display preferences (platform, tone, brand voice), and a local generation count. No data in chrome.storage is shared with third parties.
• ✦Active tab — used only when you explicitly click the DropScribe button to open the generation panel.

Data the extension reads from AliExpress pages

When you click the "Generate Description" button, the extension reads the following data from the AliExpress product page currently open in your browser: product title, product price, and product description text visible on the page. This data is already visible to you in your browser. The extension does not scrape AliExpress servers directly, does not run in the background, and does not read pages you have not explicitly opened.

How that data is used

The product data read from the page is sent over HTTPS to the DropScribe backend to generate an AI-powered product description. It is processed by Anthropic's Claude API and returned to you. The product input is stored alongside the generated output in your generation history, subject to the retention periods in Section 5.

The extension does not collect your browsing history, track pages you visit outside of AliExpress, monitor clicks or keystrokes, or transmit any data without your explicit action.

Authentication

To use the extension you must be signed in to your DropScribe account. Your JWT authentication token is stored locally in chrome.storage.local on your device only. It is sent with each generation request to verify your identity and is never shared with third parties.

Limited Use

The use of data accessed by the DropScribe Chrome extension is limited to providing the AI product description generation service. Data is not used for advertising, sold to third parties, or used to build user profiles beyond what is necessary to operate the service. The use of information received from the extension complies with the Chrome Web Store User Data Policy, including the Limited Use requirements.

10. Changes to This Policy

We may update this policy from time to time. We will notify you by email and update the "Last updated" date at the top of this page. Continued use of DropScribe after changes constitutes acceptance of the new policy.