Privacy Policy

"Web Page Summary Assistant" (hereinafter referred to as "this extension" or "we") respects and protects the personal privacy of all users. This policy details how we collect, use, store, and protect your information when you use this extension and related services. Please read this policy carefully before using our services.

1. Information We Collect

1.1 Account Information

• Email Address: Used for registration, login, and identity verification. It is the unique identifier for your account.
• Nickname: Optional information displayed in the interface.
• Password: Stored in encrypted form; we cannot view your original password.

1.2 Web Page Content You Actively Submit

When you actively click the following function buttons, information about the current page will be sent to the backend server:

• Generate Summary: Sends the page URL, title, and HTML content.
• Convert to Markdown: Sends the page URL, title, and HTML content.
• AI Suggested Tags (Bookmark Feature): Sends the page URL, title, and HTML content for analysis and recommended classification tags.

If you do not actively click the above buttons, we will not collect any web page content.

1.3 Bookmark Information

• Bookmarked Web Pages: URL, page title, and page summary (optional).
• Custom Tags: Classification tag names you create or select.
• Bookmark data is stored in two places: backend database (for cross-device synchronization) and your browser's local storage (for offline access).

1.4 Usage Records

• Call Records: Operation type (Generate Summary / Convert Markdown), page URL, page title, operation time, and request source IP address.
• Usage Statistics: Daily call count for quota management and abuse prevention.
• Local History: Summary results, Markdown content, and chat records are saved in the browser's chrome.storage.local, with a limit of 100 entries.

1.5 Feedback Information

• Feedback content and contact information (optional) that you voluntarily submit.

1.6 Technical Information

• Browser Extension ID: Used for browser extension-related communications such as OAuth callbacks.
• Language Preference: Your selected interface language (Chinese or English).

2. How We Use This Information

• Provide Core Services: Use web page content to call Kimi AI for generating summaries, converting Markdown, and providing tag suggestions.
• Identity Verification: Verify your login status and protect account security.
• Usage Management: Track daily call counts to prevent service abuse.
• Bookmark Management: Save, synchronize, and classify your bookmarked web pages.
• Multi-turn Conversations: Provide continuous Q&A functionality based on summary content.
• Service Improvement: Analyze aggregated usage data to optimize features and performance.
• Announcement Delivery: Display important product-related notifications to you.

3. Data Storage and Security

3.1 Local Storage

• History records, summary content, bookmark cache, JWT Token, and language preferences are all stored in your browser's chrome.storage.local.
• Local data is not automatically synchronized to the cloud; it only interacts with the server when you actively initiate a request.
• You can delete local information at any time by clearing browser extension data or uninstalling the extension.

3.2 Server Storage

• Account information, call records, bookmark data, and feedback content are stored in the server database managed by the operator.
• Passwords are stored using bcrypt one-way hashing and cannot be reverse-engineered to reveal the original password.
• JWT Tokens are used to maintain login status, have a limited validity period, and are stored in your local browser.

3.3 Markdown File Storage

• If you select "Save to Server" mode, converted Markdown files will be stored in a designated server directory, isolated by user.
• If you select "Download to Local" mode, files are saved directly to your device and will not remain on the server (unless the "Save to server when downloading" option is also enabled).

3.4 Data Transmission Security

• In production environments, all data transmission is encrypted via HTTPS.
• JWT Tokens are transmitted in request headers for authentication purposes.

3.5 Browser Script Injection Disclosure

• Purpose of Injection: To obtain the full HTML content of the current web page for generating summaries and Markdown, this extension uses Chrome's chrome.scripting.executeScript API to inject a minimal read-only function into the active tab.
• Injected Content: The injected script consists of a single line: () => document.documentElement.outerHTML. It only reads the page's complete HTML text and performs no other operations.
• No DOM Modification: The injected script does not modify page content, insert or remove any DOM nodes, alter page styles, or monitor user behavior.
• No External Scripts: The injected code is entirely embedded within the extension package. It does not load any remote scripts from the network, nor does it use dynamic execution methods such as eval or new Function.
• Trigger Condition: Script injection only occurs when you actively click buttons such as "Generate Summary" or "Convert Markdown." It does not execute automatically or silently in the background.

4. Information Sharing and Third-Party Services

4.1 We Do Not Sell Your Data

We do not sell, rent, or otherwise share your personal information with any third party for commercial purposes.

4.2 Necessary Third-Party Services

• Kimi AI (Moonshot AI): To enable summary generation and Markdown filtering features, web page content needs to be sent to Kimi AI for processing. For specific privacy terms, please refer to the Kimi Privacy Policy.
• WeCom (Optional): If you submit feedback, the feedback content may be pushed to the operations team via WeCom bot, solely for handling your inquiry.

4.3 Legal Requirements

We may disclose your information only in the following circumstances:

• With your explicit consent;
• As required by laws and regulations, or in response to legitimate requests from government authorities;
• As necessary to protect our legitimate rights and interests or public safety.

5. Data Access in the Admin Dashboard

Personnel with administrator privileges can access the admin dashboard via an encrypted random path and perform the following actions:

• View user account information (email, nickname, registration time); passwords cannot be viewed.
• View call records (operation type, page URL, time, IP) for service operations and abuse investigation.
• View bookmark data and tags for data management and troubleshooting.
• View user feedback content for product improvement.
• Disable or enable user accounts (applies only to regular users; administrator accounts are not affected).

6. Your Rights

• Right to Access: You can view your own usage records and bookmarks in the extension settings and dashboard.
• Right to Deletion: You can clear local history, uninstall the extension, or contact an administrator to delete your account and backend data at any time.
• Right to Correction: You can modify personal information such as your nickname in the extension.
• Withdraw Consent: You can stop using the service and delete your account at any time.

7. Data Retention Period

• Local Data: Retained until you actively clear it or uninstall the extension.
• Account Information: Retained until you request account deletion.
• Call Records: Retained for statistics and operations, for a period not exceeding 2 years.
• Feedback Information: Retained until processing is complete or you request deletion.

8. Children's Privacy

This service is not provided to children under 14 years of age. If you discover that a user under 14 has provided us with personal information, please contact us and we will take steps to delete the relevant information.

9. Updates to This Privacy Policy

We may update this privacy policy from time to time. The updated policy will be published on this page, and significant changes will be notified to you via in-extension announcements or other appropriate means. Please review this policy regularly to stay informed of the latest content.

10. Contact Us

If you have any questions, comments, or requests regarding this privacy policy, please contact us through the following methods:

• Submit your questions through the "Feedback" feature within the extension.

Thank you for trusting and using "Web Page Summary Assistant." We are committed to continuously protecting your privacy and data security.