NorthStar AISign in →

Legal

Privacy Policy

Last updated:

NorthStar AI (“we”, “our”, or “us”) is a Chrome extension and web platform that provides AI-generated, source-backed context on political, scientific, social, and cultural claims. This Privacy Policy explains what information we collect, why we collect it, and how we use and protect it.

By using NorthStar AI you agree to the practices described here. If you disagree with any part of this policy, please discontinue use of the service.

1. Information We Collect

We collect only what is necessary to provide the service.

Account informationEmail address, display name (from Google or email/password sign-up)
Usage dataNumber of AI queries made and tokens consumed — used to enforce plan limits
Highlighted textThe text you highlight in your browser is sent to our servers only to generate a context response; it is not stored permanently

2. What We Do Not Collect

  • Browsing history or the URLs of pages you visit
  • Keystrokes, form inputs, or any data you type outside the extension UI
  • Device identifiers, hardware fingerprints, or precise location
  • Payment card details (billing, if applicable, is handled entirely by Stripe)
  • Any data sold to, or shared with, advertising networks

We do not sell your data. We do not serve ads. We do not build advertising profiles.

3. How We Use Your Information

  • Providing the service: Authenticating your account and delivering AI-generated context in response to your queries
  • Enforcing plan limits: Tracking token and query usage to apply the correct plan tier
  • Service communications: Sending essential transactional emails (e.g., account confirmation). We do not send marketing emails without your explicit consent
  • Security & abuse prevention: Detecting and blocking fraudulent activity or misuse of the API
  • Product improvement: Aggregated, anonymised usage metrics to understand how features are used — never tied to individual identities

4. Third-Party Services

NorthStar AI integrates with the following third-party providers to operate the service. Each is bound by its own privacy policy.

Firebase (Google)

User authentication and database storage of account profiles

OpenAI

Generating AI-powered context and analysis from highlighted text

CrossRef

Fetching academic citation and publication metadata to back claims

PubMed (NCBI)

Retrieving biomedical and life-science literature references

NewsAPI

Surfacing relevant news sources to provide real-world context

Serper

Powering web-search lookups to find supporting or conflicting sources

Highlighted text submitted for analysis is sent to OpenAI, CrossRef, PubMed, NewsAPI, and/or Serper only to generate a response and is not retained by those services beyond their standard request-handling windows.

5. Data Retention

Account profileRetained for as long as your account is active. Deleted within 30 days of an account deletion request.
Query & token countsRetained for the lifetime of your account for billing and plan enforcement purposes.
Highlighted textNot stored. Discarded immediately after a response is generated.
BackupsEncrypted backups may retain data for up to 90 days before automatic deletion.

6. Data Security

All data is transmitted over TLS/HTTPS. Account data is stored in Google Firebase with role-based access controls. We follow industry-standard security practices, but no method of transmission or storage is 100% secure. We will notify affected users promptly in the event of a data breach that poses significant risk.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Object to or restrict processing of your data
  • Receive a portable copy of your data

To exercise any of these rights, email us at hello@northstarproject.co. We will respond within 30 days.

8. Children's Privacy

NorthStar AI is not directed at children under the age of 13 (or 16 where applicable under GDPR). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this policy from time to time. When we do, we will update the “Last updated” date at the top of this page. Continued use of NorthStar AI after changes are posted constitutes your acceptance of the revised policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out:

hello@northstarproject.co