Sumly Notes Privacy Policy

Effective Date: 2025-05-02

Sumly ("we", "our", or "us") values your privacy. This policy explains how we collect, use, and protect your information through our Chrome extension services, including content summarization, screenshot capture, and note storage. By using Sumly, you agree to the terms herein.

1. Scope of Application

This policy applies to all users of the Sumly Chrome extension and related services across compatible browsers and devices.

2. Information Collection

2.1 User-Provided Data

Account Details: Name, email during registration
User Content: Screenshots, annotations, notes, summary requests
Preferences: Custom themes, keyboard shortcuts

2.2 Automatically Collected Data

Usage Analytics:

Feature usage frequency/duration
Crash reports & performance metrics
Browser type/version (e.g., Chrome 115.0.5790.114)

Device Metadata:

OS version (Windows/macOS/Linux)
Device model identifiers
Screen resolution/DPI

2.3 Third-Party Data

AI Processors: Webpage content submitted for summarization
Cloud Services: Notes sync

3. Data Processing Purposes

3.1 Core Functionality

Content Analysis: Temporary processing of active browser tabs during summarization
OCR Operations: Local text extraction from screenshots
Secure Transmissions: HTTPS encryption for all API communications

3.2 Service Optimization

Anonymized usage pattern analysis (aggregated statistics)
Error diagnostics and stability improvements

3.3 Legal Compliance

Response to lawful government requests
Fraud/security threat prevention

4. Data Sharing & Disclosure

4.1 Prohibited Sharing

No sale/lease of user data to third parties
No unrelated advertising partnerships

4.2 Necessary Disclosures

AI Providers: Minimum content required for processing summaries
Storage Services: User-initiated syncs to external cloud platforms
Legal Requirements: Court orders/subpoenas compliance

5. User Rights

5.1 Access & Portability

View account data via Settings > Profile
Export notes/screenshots in JSON/PDF formats

5.2 Correction & Deletion

Edit account information online
Request data deletion within 30 days of creation
Full erasure within 45 days of account termination

5.3 Processing Restrictions

Email requests to support@sumly.top for:

Suspension of AI data processing
Opt-out of usage analytics

6. Security Measures

6.1 Technical Protections

AES-256 encryption at rest & in transit
Bi-annual penetration testing
OAuth 2.0 authentication

6.2 Organizational Controls

Employee confidentiality agreements
Role-based access controls (RBAC)
Quarterly cybersecurity training

6.3 Incident Response

Critical vulnerabilities patched ≤72 hours
Breach notifications ≤48 hours via registered email

7. International Transfers

Primary servers located in [Specify Region]
GDPR-compliant SCCs for EU/UK data transfers
DPA agreements with sub-processors

8. Children's Privacy

No intentional collection from users <13 years
Prompt deletion upon verification of underage use
Guardian inquiries via support@sumly.top

9. Policy Updates

Material changes notified 30 days prior via in-app banner
Archived versions accessible at sumly.com/privacy/archive
Continued use constitutes acceptance

10. Contact Information

Data Controller: Sumly Notes
Email: support@sumly.top
Response Time: ≤15 business days