Privacy Policy — Lingquill (Chrome Extension)

Last updated: March 27, 2026

This policy describes how the Lingquill Chrome extension (“the Extension”) and the Lingquill API (the online service the Extension uses for sign-in, subscriptions, and AI features) handle information. The Extension is provided by Ray Auguste (“we”, “us”).

Contact: raekwon322@gmail.com

Summary

• We do not sell your personal information.
• Sign-in uses Google (via Chrome’s identity APIs). We receive your Google account identifier and email to create your Lingquill account, subject to Google’s policies.
• AI translation and tutoring: when you use those features, text you select or send in the Extension is sent from your browser to our API servers, which forward the request to Anthropic (Claude). Processing on Anthropic’s side is governed by Anthropic’s privacy policy. The Extension does not use your own Anthropic API key; API access is provided through our service for subscribed users.
• Subscriptions are handled by Stripe. We store subscription status and Stripe identifiers needed to manage billing, as described below.
• Vocabulary, streaks, practice history, and most settings are stored locally in Chrome on your device unless you remove the Extension or clear extension data.

Permissions the Extension uses

• storage — saves settings, your session token, learning data, and UI preferences on your device.
• identity — lets you sign in with Google through Chrome (OAuth). A short-lived Google access token may be sent to our API to verify your account.
• Host access — the Extension is allowed to call our Lingquill API over HTTPS (the API base URL shipped with the Extension, e.g. our hosted domain on Railway). It does not need broad read access to arbitrary third-party APIs beyond what your browser already does for normal browsing.
• Content scripts run on web pages you open so Lingquill can respond to text selection, captions (where supported), and show the on-page UI. Page content is handled in your browser unless you trigger a feature that sends text to our API as described below.

Information we process

1. Account and sign-in (Lingquill API + Google)

When you choose to sign in:

• Chrome obtains a Google OAuth token using the scopes declared in the Extension manifest (email and profile).
• The Extension sends that token to our API (POST /auth/google). We validate it with Google’s userinfo endpoint and create or update a user record.
• We issue a Lingquill session token (JWT) returned to the Extension. It is stored in chrome.storage.local on your device along with your email (for display in the UI).

Server-side account data (in our database) typically includes: internal user id, Google subject identifier (sub), email, account creation time, and subscription fields linked to Stripe (customer id, subscription id, status, current period end). We use this to authenticate you, check subscription status, and operate billing.

2. AI features (text sent to our API and Anthropic)

When you translate selected text, use daily practice, caption-related translation, or chat-style tutoring in the Extension, the Extension sends a structured request (including the relevant text and prompts) to our API (POST /api/claude/messages) with your session token. Our server checks that your account is entitled (subscribed or otherwise allowed), then forwards the request body to Anthropic’s Messages API using our Anthropic API credentials.

As implemented today, we do not store the full content of those AI requests in our application database; they are processed to return a response to your browser. Like any HTTPS service, transient processing, logs, or infrastructure retained by our hosting or Anthropic may still apply—see Anthropic’s documentation for their retention and safety practices.

Avoid sending highly sensitive text (passwords, government IDs, confidential medical or financial data, etc.) through translation or chat features if you are not comfortable with it being included in requests to our API and Anthropic.

3. Billing (Stripe)

Subscriptions are processed by Stripe. When you open checkout or the customer portal from the Extension, you interact with Stripe-hosted pages. We receive webhook events and store the minimum subscription metadata needed to know whether your account is active. Stripe’s handling of payment data is governed by Stripe’s privacy policy.

4. Settings and learning data (stored locally)

Stored in chrome.storage.local on your device, including for example:

• Extension on/off, learning language, and other settings you configure in the popup
• Your Lingquill session token and a short-lived cache of subscription status
• Saved vocabulary, streaks, daily practice state, and similar learning data you generate in the Extension
• Lightweight usage limits for certain features (e.g. caption-related quotas) where implemented
• UI preferences (e.g. expanded sections in the popup)

This local data remains on your device until you uninstall the Extension, sign out (which clears session data on the device), or clear extension storage in Chrome.

5. Clipboard (when you choose Copy)

If you use Copy in the Extension UI, content may be written to your system clipboard using the browser’s clipboard APIs or a fallback. That happens locally on your device.

Third-party services

• Google — OAuth sign-in and profile/email scopes as shown in the Extension’s permission prompt.
• Anthropic — AI responses for features that call Claude through our API.
• Stripe — subscription checkout and customer billing portal.
• Hosting providers — our API and database run on cloud infrastructure (for example, our current deployment uses Railway and a managed database). Providers may process requests and metadata needed to operate the service.

Data retention and your choices

• On your device: clear Extension data or uninstall to remove locally stored vocabulary, settings, and session tokens.
• Sign out: use the Extension’s sign-out flow to clear the Lingquill session and cached entitlement on the device and revoke cached Google tokens where possible.
• Server-side account: to request deletion of the account and associated subscription records we hold, email us at the contact above. We will need to verify your request (for example, from the email on the account).
• Stripe and Anthropic: data they hold under your payment or their AI processing is governed by their policies and tools (e.g. Stripe customer portal).

Security

Session tokens are sent over HTTPS. You should keep your Google account secure; anyone with access to your profile on the device could use the Extension while signed in.

Children’s privacy

Lingquill is not directed at children under 13 (or the minimum age required in your jurisdiction). The service involves a Google account, optional paid subscription, and sending text to third-party AI systems—parents and guardians should decide whether use by minors is appropriate and supervise browser and account access.

International users

If you use Lingquill from outside your home country, your information may be processed in the United States or other regions where our providers operate, consistent with their terms and this policy.

Changes to this policy

We may update this policy when the Extension or our API changes. The “Last updated” date at the top will change when we do. Continued use after updates means you accept the revised policy.

Disclaimer

This document is meant to describe how Lingquill works in plain language. It is not legal advice. For compliance questions, consult a qualified attorney.