Privacy Policy

Last Updated: January 28, 2026

Effective Date: January 28, 2026

Company: InstantIQ

Website: https://instantiq.app

Introduction

Welcome to InstantIQ ("we," "our," or "us"). We are committed to protecting your privacy and being transparent about how we collect, use, and protect your personal information.

This Privacy Policy explains our practices regarding data collection and usage when you use our Chrome browser extension and related services. By using InstantIQ, you agree to the collection and use of information in accordance with this policy.

Our Privacy Promise: We never sell your personal data to third parties. Your questions, answers, and usage data are yours - we're just here to help you learn.

Our Privacy Principles

🔒 Security First

Your data is encrypted in transit and at rest using industry-standard protocols.

🎯 Data Minimization

We only collect what's necessary to provide our service.

✨ Transparency

We're clear about what we collect, why, and how we use it.

👤 Your Control

Access, export, or delete your data anytime you want.

Information We Collect

1. Account Information

When you create an InstantIQ account, we collect:

  • Email Address: Required for account creation, authentication, and important service communications
  • Password: Stored as a cryptographic hash using bcrypt (we never see your actual password)
  • Account Preferences: Your chosen settings like default AI mode, theme preferences, and notification settings

2. Usage Data

To improve our service and provide you with insights, we collect:

  • Question Text: The text content of questions you submit (stored for your history)
  • AI Responses: Answers provided by our AI models
  • Usage Statistics: Number of questions asked, AI modes used, response times (anonymized)
  • Error Logs: Technical logs to diagnose and fix issues (contain no personally identifiable information)

3. Screenshot Data

Important: Screenshots are handled with extreme care for your privacy.

  • Screenshots are temporarily processed in memory on our secure servers
  • Deleted immediately after AI processing (typically within 5-10 seconds)
  • Never stored on disk or in any database
  • Never shared with third parties beyond AI processing

4. Payment Information

For paid subscriptions, payment processing is handled entirely by Stripe (PCI-DSS Level 1 certified). We collect:

  • Subscription Tier: Which plan you've subscribed to (Free, Pro, or Unlimited)
  • Stripe Customer ID: A reference number linking your account to Stripe
  • Subscription Status: Whether your subscription is active, canceled, or expired

We do NOT collect or store: Credit card numbers, CVV codes, banking information, or any payment credentials. All payment data stays with Stripe.

5. Technical Information

  • Browser Extension Version: To ensure compatibility and provide support
  • Chrome Version: For debugging and compatibility purposes
  • API Request Logs: Timestamped requests for security and debugging (IP addresses anonymized after 90 days)

How We Use Your Information

Data TypePurposeLegal Basis
Email & PasswordAccount authentication and securityContract Performance
Questions & AnswersProvide AI responses and maintain your historyContract Performance
Usage StatisticsImprove service quality and detect abuseLegitimate Interest
Payment DataProcess subscriptions and prevent fraudContract Performance
Technical LogsDebug issues and ensure service reliabilityLegitimate Interest

Specific Use Cases:

  1. Provide Our Service: Process your questions with AI models and deliver accurate answers
  2. Maintain Your Account: Authenticate you, track your quota, and manage your subscription
  3. Improve Our Product: Analyze anonymized usage patterns to enhance features and performance
  4. Send Service Communications: Important updates, security alerts, billing notifications
  5. Provide Support: Help you troubleshoot issues and answer your questions
  6. Prevent Abuse: Detect and prevent fraudulent activity, spam, or service violations
  7. Legal Compliance: Comply with applicable laws and respond to legal requests

Third-Party Services & Data Sharing

We Share Data With:

1. AI Service Providers

OpenAI (GPT-4 Vision) & Anthropic (Claude 3.5 Sonnet)

  • What we share: Question text and screenshots (temporarily, for processing only)
  • Why: To generate accurate AI responses
  • Their policies: OpenAI Privacy | Anthropic Privacy
  • Data retention: As per their API policies (typically not stored)

2. Payment Processor

Stripe

  • What we share: Email address and subscription details
  • Why: Process payments and manage subscriptions
  • Their policy: Stripe Privacy Policy
  • Certification: PCI-DSS Level 1 (highest security standard)

3. Email Service

Resend

  • What we share: Email address only
  • Why: Send account verification, password resets, and important service notifications
  • Their policy: Resend Privacy

4. Cloud Infrastructure

Railway

  • What we share: All service data (encrypted)
  • Why: Host our application and database
  • Their policy: Railway Privacy
  • Location: US data centers

Important: We do NOT sell, rent, or trade your personal information to any third parties for marketing purposes. Ever.

Data Retention & Deletion

Data TypeRetention PeriodReason
Screenshots5-10 secondsDeleted immediately after AI processing
Question HistoryUntil you delete or close accountProvide access to your past questions
Account DataUntil account deletionMaintain your account and preferences
Payment Records7 years after last transactionTax and legal compliance
Usage Logs90 days (anonymized after 30 days)Security monitoring and debugging

Deleting Your Data

You have full control over your data. You can:

  • Delete Individual Questions: Click the delete icon in your history
  • Clear All History: Use the "Clear History" button in settings
  • Export Your Data: Download your question history as JSON or CSV
  • Delete Your Account: Email support@instantiq.app - we'll delete all your data within 30 days

Your Privacy Rights

Depending on your location, you may have the following rights:

For All Users:

  • Right to Access: Request a copy of all data we have about you
  • Right to Correction: Update inaccurate or incomplete data
  • Right to Deletion: Request deletion of your personal data
  • Right to Export: Download your data in a machine-readable format

For EU/UK Users (GDPR):

  • Right to Object: Object to certain types of processing
  • Right to Restriction: Limit how we use your data
  • Right to Portability: Transfer your data to another service
  • Right to Lodge a Complaint: Contact your local data protection authority

For California Users (CCPA):

  • Right to Know: What personal information we collect and why
  • Right to Delete: Request deletion of personal information
  • Right to Opt-Out: Opt-out of sale of personal information (we don't sell data)
  • Right to Non-Discrimination: Equal service regardless of privacy choices

To exercise these rights: Email us at privacy@instantiq.app with your request. We'll respond within 30 days.

Security Measures

We take security seriously and implement industry-standard measures to protect your data:

Technical Security:

  • Encryption in Transit: All data transmitted using TLS 1.3
  • Encryption at Rest: Database encrypted with AES-256
  • Password Security: Hashed with bcrypt (industry standard)
  • API Security: JWT tokens with short expiration times
  • Rate Limiting: Prevents brute force and abuse attempts

Organizational Security:

  • Regular security audits and penetration testing
  • Minimal access principle (only authorized personnel)
  • Incident response plan for potential breaches
  • Regular backups with encryption

Note: While we implement robust security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but we continuously work to protect your data.

Cookies & Tracking Technologies

InstantIQ uses minimal cookies and tracking:

Essential Cookies (Required):

  • Authentication Token: JWT token to keep you logged in
  • Session Cookie: Maintain your session state

We Do NOT Use:

  • Advertising cookies
  • Social media tracking pixels
  • Third-party analytics beyond basic error tracking
  • Cross-site tracking

Children's Privacy

InstantIQ is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately at privacy@instantiq.app and we will delete that information.

International Data Transfers

Your data may be transferred to and processed in countries other than your own. Specifically:

  • Primary Location: United States (Railway hosting)
  • AI Processing: May be processed in US data centers (OpenAI, Anthropic)
  • Safeguards: We use Standard Contractual Clauses (SCCs) approved by the EU Commission

For EU users, by using InstantIQ, you consent to this transfer of data.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will:

  1. Update the "Last Updated" date at the top
  2. Notify you via email (to your registered email address)
  3. Show an in-app notification when you next use InstantIQ

Continued use of InstantIQ after changes constitutes acceptance of the updated policy.

California "Do Not Track" Disclosure

InstantIQ does not track users across third-party websites and therefore does not respond to Do Not Track (DNT) signals.

Contact Information

Questions About Privacy?

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@instantiq.app

Support: support@instantiq.app

Website: https://instantiq.app

Response Time: We aim to respond within 48 hours

For EU Users:
If you're not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority.

© 2026 InstantIQ. All rights reserved.

Home | Terms of Service | Privacy Policy | Support