Privacy Policy

Last updated: May 30, 2025

FillAI ("we," "our," or "us") operates the FillAI browser extension and associated backend services (collectively, the "Service"). This Privacy Policy explains how your data is handled when you use FillAI.

By installing or using FillAI, you agree to the practices described in this policy. If you do not agree, please do not use the Service.

1. Your Profile Data Stays On Your Device

The core principle of FillAI is local-first privacy. When you fill in your profile — name, address, work history, skills, salary expectations, and so on — that data is:

Saved only on your own device, inside your browser's extension storage
Encrypted with AES-256-GCM before being stored, using a key derived with PBKDF2 (100,000 iterations) — we cannot read it even if we wanted to
Never uploaded, synced, or stored on our servers

We do not "collect" your profile in any meaningful sense. You are storing your own data on your own machine. FillAI is simply the vault.

2. What Data Reaches Our Servers

The only time any profile data leaves your device is when you trigger an AI-powered fill. Here is exactly what happens:

Your profile is sent over HTTPS (encrypted in transit) to our backend
Our backend passes it to Google Gemini AI to generate a contextual response for that specific form field
The response is returned to your browser and filled into the form
Your profile is immediately discarded — it is processed in memory only and never written to any database or file on our servers

If you only use heuristic fills (non-AI, for simple fields like name and email), nothing is ever sent to our servers at all.

3. What We Actually Store Server-Side

Our servers hold only the minimum required to run the service:

Account record — your Google email and a unique user ID (from Google sign-in)
Credit balance — how many credits you have and purchase history
Usage events — the domain name (e.g. linkedin.com) of pages where you used AI fill, plus a timestamp. No page content, no paths, no form data, no profile.

That's it. No profile. No resume. No personal details stored on our end.

4. Resume Uploads

When you upload a PDF resume for profile extraction, it is sent to our backend and processed by Google Gemini AI to extract your details. The extracted data is returned to your browser to pre-fill your local profile. The PDF and extracted data are not stored on our servers after processing.

5. Google Sign-In

We use Google OAuth for authentication. When you sign in, Google shares your email address and display name with us. We store your email and a unique user ID server-side solely to identify your account and manage your credits.

6. What We Never Do

We do NOT read, collect, or store the content of web pages you visit
We do NOT collect your browsing history
We do NOT sell your data to anyone
We do NOT use your data to train AI models
We do NOT store your full profile on our servers
We do NOT read form data from websites you visit — we only fill data into forms

7. Third-Party Services

We use the following third-party services to operate FillAI:

Service	Purpose	Data Shared
Google Gemini AI	Text generation and resume parsing	Profile data (transiently, in memory only — not stored)
Google OAuth	User authentication	Email, display name
Supabase	Database and auth infrastructure	User ID, email, credit balance, usage events
Dodo Payments	Payment processing	Payment details (handled by Dodo — we only store transaction IDs)
Upstash	Rate limiting	User ID (for rate limit counters only)
Vercel	Backend hosting	Standard server logs (IP, request metadata)

Each third-party service operates under their own privacy policy.

8. Browser Permissions

FillAI requests the following browser permissions:

Storage: To save your encrypted profile and authentication data locally on your device
Active Tab: To interact with the current page's form fields for auto-filling
Tabs: To manage extension popup and options page interactions
Identity: To enable Google sign-in
Host Permissions (all URLs): To detect and fill form fields on any job application website. We do NOT read or collect page content — this permission is required solely to inject the content script that identifies form fields.

9. Data Retention

Profile Data: Stored locally on your device until you delete it or uninstall the extension
Account Data: Retained while your account is active. Deleted within 30 days upon account deletion request.
Usage Logs: Retained for up to 12 months for billing and abuse-prevention purposes, then deleted
Payment Records: Retained as required by applicable financial regulations (typically 7 years)

10. Your Rights and Choices

Access & Correction: View and update your profile at any time via the extension Options page
Deletion: Delete your local profile by clearing extension data. For server-side deletion (account, usage logs), contact us at the email below.
Opt-Out of AI Processing: Use heuristic-only fills for simple fields — nothing is sent to our servers
Withdraw Consent: Uninstall the extension at any time

For EU/EEA Residents (GDPR)

Our legal basis for processing is: (a) your consent when you use the Service; (b) contractual necessity to provide the Service; and (c) legitimate interest for security and abuse prevention. You have the right to lodge a complaint with your local data protection authority.

For California Residents (CCPA)

We do NOT sell your personal information. You have the right to know what we store, request deletion, and opt out of any sale (which we do not conduct).

11. Children's Privacy

FillAI is not intended for individuals under 16. We do not knowingly collect personal information from children under 16.

12. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via the extension or website. Continued use after changes constitutes acceptance.

13. Contact Us

For any privacy questions or data requests:

Email: support@fillai.site
Website: https://fillai.site

This Privacy Policy is effective as of May 30, 2025 and applies to all users of the FillAI browser extension and associated services.