Privacy Policy
Last updated: 2026-06-30 · Applies to: Did I Promise? v1.1 (the v1 series)
What we collect
- Only confirmed reminders are saved. Nothing is stored unless you click Add reminder.
- A saved reminder contains: the title and detected action, the due time you accepted or edited, a short (secret-redacted) snippet for context, a friendly source label / hostname / page URL, optional recipient or conversation labels if the site exposed them, timestamps, and a confidence score.
- Everything is stored locally in your browser via
chrome.storage.local.
What we never do (v1)
- No ads.
- No selling or sharing of your data — there is no server to send it to.
- No external AI. Detection runs entirely on-device with local rules.
- No tracking and no analytics. We collect zero usage data.
- No accounts. You never sign up or log in.
What we analyze, and when
Did I Promise? works only on sites you enable. It ships with access to zero sites. On an enabled site it looks at the text in the message box as you type, in memory, on your device, to check whether you've made a possible promise. The raw text is never stored automatically — it is examined and discarded as you keep typing.
Sensitive fields are ignored
The privacy filter refuses to read or store text from:
- Password fields and any field with a password-like autocomplete (current-password, new-password, one-time-code).
- Payment / credit-card fields (cc-number, cc-csc, cc-exp, cc-name, etc.).
- Fields whose name/label suggest password, passcode, OTP, 2FA, token, secret, card, CVV/CVC, IBAN, SSN, bank, or PIN; and contenteditable boxes inside payment or authentication forms.
- Entire pages that look like banking, checkout, payment, login/sign-in, account-security, or password-reset.
Card-, IBAN-, or PIN-shaped text is also redacted from the saved snippet.
Your controls
- Works only on enabled sites. You opt in per site; disabling a site removes its content script and drops the host permission.
- You can delete all data anytime (Settings → Your data → Delete all data). This wipes every reminder and resets settings.
- Export and import your reminders as a JSON file.
- An optional extra-strict privacy mode stores no snippet or source URL at all.
Permissions
storage (save reminders locally), alarms (check for
due reminders), notifications (due alerts), scripting
(run the detector only on enabled sites), activeTab (read the
current site's name in the popup). Host access is requested per site, on
demand when you click Enable — the extension ships with access to no sites.
Notifications
Due-time notifications show only the reminder title you confirmed — never raw message content.
Changes
If a future version adds optional cloud features, they will be opt-in, clearly explained, and this policy will be updated before any data leaves your device.
Contact
Questions? See Support or email michalprzerwastolarski@gmail.com.