Privacy Policy — ChatVibes AI

Effective Date: March 14, 2026
Last Updated: March 14, 2026

TL;DR — ChatVibes AI reads your visible chat messages locally, stores everything on your device, and only sends conversation context to Google Gemini when you actively use AI features — authenticated with your own API key. No data is sent to any server owned by ChatVibes AI. You can delete all stored data at any time.

Overview

ChatVibes AI is a Chrome browser extension that provides AI-powered analysis of your messaging conversations. This privacy policy explains what data the extension accesses, how it is stored, what is transmitted externally, and the controls available to you.

Key principle: ChatVibes AI is designed as a local-first tool. All conversation data stays on your device unless you explicitly use the AI analysis features, which send conversation context to Google's Gemini API using your own API key.

1. Data the Extension Accesses

When you use ChatVibes AI on a supported messaging platform (currently WhatsApp Web), the extension's content script reads the visible page DOM to extract:

Message content: Text of messages in the active conversation, including emoji-rendered content
Sender information: Display names of conversation participants (not phone numbers or account IDs, unless displayed in the chat)
Timestamps: Message dates and times as displayed in the chat interface
Message metadata: Message direction (incoming/outgoing), forwarded status, reply/quote context, and reactions
Media placeholders: Descriptive labels for images, GIFs, voice notes (including duration), stickers, files/documents (filename, type, size), and contact cards — the extension does not download or store actual media files, photos, or audio recordings
Call event indicators: Voice/video call status labels (initiated, received, missed) as displayed in the conversation
Chat recipient details: Conversation name, group chat status, participant list, and profile icon URL as rendered by the platform
Your profile icon URL: The current user's avatar URL as displayed by the platform (used only for UI rendering in the side panel)

What the Extension Does NOT Access

Your messaging account credentials, passwords, or authentication tokens
Messages from conversations you have not opened
Actual media files (photos, videos, audio recordings, documents) — only metadata labels
Phone numbers or email addresses (unless they appear in visible message text)
Browser history, bookmarks, or data from other websites
Data from any website other than the supported messaging platforms listed in the manifest

2. Data Storage

All data is stored locally on your device using browser-provided storage mechanisms. ChatVibes AI has no proprietary server or cloud database.

IndexedDB (Browser Local Database — `chatvibes-cache`)

Store	What It Contains	Retention
`conversations`	Conversation metadata: platform name, chat name, group status, participant names, icon URL, last-updated timestamp	Until you delete it via the Saved Memory view
`messages`	Cached message records: text, sender, timestamp, message type, reply context, media metadata labels, forwarded status. Capped at 5,000 messages per conversation (oldest are trimmed).	Until you delete the conversation cache or clear browser data
`aiThreads`	AI session metadata: thread ID, associated conversation, recipient name, platform, timestamps, turn count, preview text	Until you delete the thread via AI History
`aiTurns`	Individual AI interaction turns: user prompts and AI responses with timestamps. Capped at 200 turns per thread.	Until the parent thread is deleted

Chrome Local Storage (`chrome.storage.local`)

Key	What It Stores
Gemini API key	Your Google Gemini API key (entered by you in Settings)
Selected AI model	Your model preference (e.g., Flash, Flash-lite, Pro)
Cache toggle	Whether the conversation cache feature is enabled
AI thread memory	Follow-on conversation context per AI thread (recent turn summaries, open questions, decisions) — used to maintain continuity across AI sessions

What Is NOT Stored

No data is stored on any external server owned or operated by ChatVibes AI
No cookies or tracking identifiers are created
No usage analytics, telemetry, or crash reports are collected or transmitted

3. Data Transmitted to Third Parties

Google Gemini API

When you use any AI feature (Summarize, Draft, Query, or Reflect), the extension sends data to Google's Generative Language API (generativelanguage.googleapis.com). This is the only external data transmission the extension performs.

What is sent:

A structured conversation payload containing: raw message text, sender display names (with the current user normalized to a generic "me" role), timestamps, message types, and relevant metadata (reply context, forwarded labels, media description labels, call event types)
Your query or prompt text
Prior AI conversation turns for the active thread (to maintain continuity)
A compressed summary of older conversation history when the conversation is large (budget-aware context compression)

What is NOT sent:

Your API key is transmitted only as an authentication header to Google — it is not sent to any other party
Actual media files, images, audio, or video content
Your browser history, cookies, or any data unrelated to the active conversation

Authentication: You provide your own Google Gemini API key. ChatVibes AI does not supply, proxy, or intermediate API keys. Your usage of the Gemini API is governed by Google's API Terms of Service and Google's Privacy Policy.

Streaming: AI responses are delivered via server-sent events (SSE) streaming directly from Google's API to your browser. No intermediate server processes or stores the data.

4. Permissions Explained

The extension requests the following Chrome permissions:

Permission	Why It Is Needed
`sidePanel`	To display the ChatVibes AI interface in Chrome's side panel
`tabs`	To detect which tab is active and whether it contains a supported messaging platform, so the side panel can scope its content to the correct tab
`storage`	To persist your settings (API key, model preference, cache toggle) and AI thread memory locally
Host: `web.whatsapp.com`	To inject the content script that reads conversation data from WhatsApp Web
Host: `generativelanguage.googleapis.com`	To communicate with the Google Gemini API for AI features

5. Your Controls and Data Deletion

You have full control over all data stored by the extension:

Delete individual conversation caches: Open Saved Memory from the header menu and delete any saved conversation
Delete all conversation caches: Use the "Delete All" action in Saved Memory
Delete individual AI threads: Open AI History from the menu and delete any saved AI session
Remove your API key: Go to Settings and clear or replace your Gemini API key
Disable conversation caching: Toggle off conversation caching in Settings to prevent new message data from being persisted
Clear all extension data: Remove the extension from chrome://extensions or clear site data for the extension, which removes all IndexedDB and local storage entries
Revoke host access: Disable the extension or remove host permissions via Chrome's extension settings to stop all DOM reading

6. Data Security

All local data is stored using Chrome's built-in storage APIs (IndexedDB and chrome.storage.local), which are sandboxed to the extension and inaccessible to other extensions or websites
Your API key is stored in chrome.storage.local, which is encrypted at rest by Chrome on supported operating systems
All communication with the Google Gemini API occurs over HTTPS
The extension does not include any analytics SDKs, tracking pixels, advertising libraries, or telemetry frameworks
The production build minifies and obfuscates JavaScript to reduce exposure of internal logic

7. Children's Privacy

ChatVibes AI is not directed at children under the age of 13. The extension does not knowingly collect personal information from children. If you believe a child has used this extension, all locally stored data can be removed by uninstalling the extension.

8. Changes to This Policy

We may update this privacy policy to reflect changes in the extension's functionality. When we do, we will update the "Last Updated" date at the top of this page. Continued use of the extension after changes constitutes acceptance of the revised policy.

9. Contact

If you have questions or concerns about this privacy policy or the extension's data practices, please contact:

Pair and Pivot, LLC
pairandpivot@gmail.com

← Back to ChatVibes