Privacy Policy

This policy applies to the Business English Reframer web app (the "Service") and the Business English Reframer Chrome extension (the "Extension"). Both are operated by the same team and share the same backend.

We only collect what we need to rewrite your text. Specifically:

• Text you submit. The sentence or paragraph you type, paste, or select on a webpage and send to be reframed.
• Context category. The label you pick (Email, Slack, Apology, Disagreement, etc.) so we can adapt the rewrites.
• Basic request metadata. Standard server logs (timestamp, coarse IP-derived region, user agent) generated automatically when your browser calls our API. These are kept short-term for security and abuse prevention only.

We do not collect: your name, email address, account credentials, payment information, browsing history, the contents of pages you visit, clicks, keystrokes outside the Reframer input, location beyond coarse region, health, financial, or any other personal information.

The Chrome extension only reads the text you explicitly select and submit. It does not read page content in the background and does not run on tabs you have not invoked it on.

Submitted text and the chosen context are sent over HTTPS to our hosted AI endpoint to generate rewritten alternatives, which are returned to your browser and displayed in the app or side panel. That is the entire purpose.

We do not use your text to train models, profile you, target advertising, determine creditworthiness, or for any purpose unrelated to producing the rewrite you asked for.

To generate rewrites, your text is processed by our AI provider (the Lovable AI Gateway) under their data processing terms. The AI provider acts as a sub-processor: they process the text only to return a response and do not use it to train their models on your inputs. We do not share your text with anyone else.

We do not sell, rent, or trade your data to any third party. Ever.

Submitted text and rewrites are not stored in a user-linked database. They exist only in transit and in short-lived processing memory required to return your response.

Server request logs (timestamp, coarse region, user agent, status code) are retained for up to 30 days for security, debugging, and abuse prevention, then deleted automatically.

Requests are handled by edge infrastructure that may route to the nearest available region. The AI provider may process requests in data centers located in the United States or the European Union. By using the Service you consent to this processing.

All traffic between your browser and our API uses TLS (HTTPS). The Chrome extension bundles all of its code at install time and does not execute remotely fetched scripts. Access to our infrastructure is restricted to the operating team and protected with strong authentication.

The Service is not directed to children under 13 and we do not knowingly collect information from them. If you believe a child has used the Service, contact us and we will delete any associated request logs.

Because we do not maintain user accounts and do not store your submitted text, there is generally nothing tied to you for us to access, export, or delete. If you have submitted a request from a specific IP and want any related logs purged before the 30-day window, email us and we will honor reasonable requests.

Depending on where you live (e.g. EEA, UK, California), you may have additional rights under GDPR, UK GDPR, or CCPA, including the right to lodge a complaint with your local data protection authority.

If we materially change this policy, we will update the "Last updated" date above and, where appropriate, surface a notice in the app. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

Questions, requests, or complaints about privacy can be sent to contact@kenjisano.com. We aim to respond within 14 days.