Privacy Policy for FillMate

Last updated: August 23, 2025

1. Introduction

FillMate ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our Chrome extension.

2. Information We Collect

2.1 Local Storage (Chrome Extension Storage)

• Extension settings and preferences (mode, model, temperature, max tokens, button position)
• Usage counters (daily and total form fills)
• OpenAI API keys (stored locally in browser storage, encrypted)
• Knowledge base files uploaded by you (stored as text content with timestamps and file sizes)
• Context display preferences

2.2 Form Data Processing

• Form field labels, placeholders, and contextual information from web pages
• Spatial layout analysis of form fields and surrounding text
• Page titles, URLs, and structural elements (headings, breadcrumbs, tables)
• Current form field values for context
• Generated AI responses for form completion

2.3 Page Access

• The extension has access to all websites (<all_urls>) to analyze form fields
• Real-time analysis of DOM elements and page structure
• Detection of form fields and input elements across all websites

2.4 Browser Permissions

• Active tab access for form field detection
• Storage permissions for saving settings and usage data
• Tabs permission for monitoring Stripe success pages
• Notifications permission for premium unlock confirmations

3. How We Use Information

• To provide AI-powered form filling functionality by analyzing page context
• To maintain usage limits for free users (10 fills per day)
• To generate contextually appropriate form responses using AI
• To enhance form filling accuracy through spatial and structural analysis
• To provide knowledge base functionality for personalized responses

4. Data Storage and Security

• All personal data is stored locally on your device using Chrome's extension storage API
• Important: API keys are stored in browser storage (encrypted)
• We do not store personal information on our servers
• Form data is processed in real-time and not retained after processing
• Usage counters and premium status are stored locally
• Knowledge base files are stored as plain text in browser storage

5. Third-Party Services

5.1 OpenAI API (Pro Mode)

In Pro mode, form context and prompts are sent directly to OpenAI's API using your API key. This includes:

• Form field context, labels, and surrounding page content
• Generated prompts containing page structure and form information
• Your knowledge base content (if uploaded)

Please review OpenAI's privacy policy for how they handle this data.

5.2 OpenRouter Proxy Service (Lite Mode)

In Lite mode, requests are processed through our proxy service at openrouter-proxy.krivolap-dima.workers.dev. The same form context data is sent to this service, which forwards it to OpenAI through OpenRouter. No personal data is logged or retained by our proxy.

5.3 Stripe Payment Processing

Payment processing is handled by Stripe. The extension monitors for successful payment completion on specific URLs (fillmate.info/thank-you and buy.stripe.com) to automatically unlock premium features. We receive only transaction completion notifications through URL monitoring.

5.4 Host Permissions

The extension requests permission to access specific domains:

• api.openai.com: Direct API calls in Pro mode
• buy.stripe.com: Payment processing and success detection
• fillmate.info / www.fillmate.info: Success page monitoring
• openrouter.ai: Proxy service routing

6. Data Sharing

We do not sell, trade, or share your personal information with third parties, except:

• With your explicit consent
• To comply with legal obligations
• Through the third-party AI services (OpenAI/OpenRouter) as necessary for functionality
• Form context data is sent to AI services to generate responses
• Payment completion monitoring through Stripe URLs for premium feature activation

6.1. Data Transmitted to AI Services

When using FillMate, the following information may be sent to AI services:

• Form field labels, placeholders, and context
• Page titles and URL segments
• Surrounding text and structural elements
• Knowledge base content you've uploaded
• Current form field values (for context)

Note: No sensitive data like passwords, credit card numbers, or SSNs should be processed, but we recommend reviewing what information is on pages where you use the extension.

7. User Rights and Data Control

• You can delete all extension data by uninstalling the extension
• You can manually delete knowledge base files through the extension settings
• You control what information you provide to the extension
• You can switch between Lite and Pro modes to control data routing
• You can disable context information display in settings
• You can hide or reposition the AI button through display options
• Your API keys remain under your control and can be removed at any time

8. Updates to Privacy Policy

We may update this Privacy Policy periodically. Continued use of the extension constitutes acceptance of any changes.

9. Contact Information

For privacy-related questions, please contact us through the Chrome Web Store or our website.

10. Children's Privacy

Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.