Privacy Policy

Last updated: May 14, 2026

Our Privacy Promise

At JawJaw, privacy is not a feature - it's the foundation. This policy explains how we handle data in clear, simple terms. We follow one rule: your data stays on your device.

1. What We Don't Do

• We don't collect personal data. No names, emails, or identifying information. We don't even have a login system.
• We don't see your API key. Your OpenAI key is stored in your browser's local storage. We have no server that could read it.
• We don't see what you read or write. Post content goes straight from your browser to OpenAI. We are not in that chain.
• We don't track your activity. No analytics in the extension. No cookies for tracking.
• We don't sell anything. We don't have data to sell, and we don't want to.

2. What is Stored (Locally Only)

Everything stays in chrome.storage.local on your computer:

• OpenAI API Key - Used to authenticate with OpenAI. Never leaves your device except in direct API calls to OpenAI.
• Language & Persona preferences - Your selected UI language and default AI persona.
• License key - Your Pro license code (if purchased).
• Lead Generation config - Your product name, URL, description, and keywords. This is used to personalize AI replies. It never leaves your browser.
• Daily usage counters - Tracks how many Pro persona replies you've used today (Free tier limit). Resets daily.

This data is stored using Chrome's storage.local API. Uninstalling the extension deletes everything.

3. How Replies Are Generated

When you click the JawJaw button on a post:

1. The extension reads the text of the post/comment you're viewing
2. The post text + your persona settings + your lead gen config (if enabled) are sent directly from your browser to OpenAI's API (api.openai.com)
3. OpenAI generates a response and sends it back to your browser
4. The reply is displayed in the extension's modal window

Important: This communication is strictly between your browser and OpenAI. JawJaw has no backend server. We never see the post content, the generated reply, or your settings.

4. Third-Party Services

• OpenAI API - For generating replies. Please review OpenAI's Privacy Policy. OpenAI does not use API data to train models by default.
• This Website (jawjaw.pro) - Uses Google Analytics to understand traffic patterns and improve our landing page. IP addresses are anonymized. You can opt out using browser extensions like uBlock Origin or Google's opt-out browser add-on.
• Gumroad - If you purchase Pro, payment processing is handled by Gumroad. They process your payment info according to their privacy policy. We only receive your license key.

5. Permissions Explained

The extension requests these permissions in your browser:

• storage - To save your settings, API key, and license locally
• host_permissions for facebook.com, reddit.com, twitter.com, x.com - To inject the reply button and read post content when you click it
• host_permissions for api.openai.com - To send requests to OpenAI's API

6. Lead Generation Data

If you enable Lead Generation, you provide:

• Your product name, URL, description, and keywords
• This data is used to craft replies where your product is mentioned naturally
• It is stored only in your browser's local storage
• It is sent to OpenAI as part of the prompt context when generating replies
• We have no access to this data. Period.

7. Your Rights

• Uninstall anytime - Removes all stored data instantly
• Clear data manually - Via Chrome Settings > Extensions > JawJaw > Clear data
• No lock-in - Your data is portable. There is no cloud account to close.

8. Contact

Questions about privacy or data practices:

• Email: haser88@gmail.com
• GitHub: github.com/hsr88/jawjaw

9. Changes

We may update this policy as JawJaw evolves. Significant changes will be announced on GitHub releases. The "Last updated" date at the top of this page always reflects the current version.