Privacy Policy
Welcome to Essentyx. Essentyx is a browser extension that neutralizes emotionally biased and manipulative language in news articles and other long-form web content. When you use Essentyx, you are trusting us to handle your data with care, and we take that trust seriously. We do not sell user data and we do not train AI models on the text you submit.
Essentyx is a product operated by Mindwave IT Services - FZCO. Essentyx itself is not a separate legal entity. Throughout this Privacy Policy, "Essentyx", "we", "us" and "our" refer to Mindwave IT Services - FZCO acting in connection with the Essentyx product.
This Privacy Policy describes how we collect, use, share and protect information when you interact with the Essentyx browser extension, web dashboard and website at https://essentyx.com (collectively, the "Service"). It applies when you interact with us as an individual, such as when you create an account, install the extension, subscribe to a paid plan or browse our website.
If you use Essentyx under the management of an employer, organization or other legal entity, additional terms or a separate data processing arrangement may apply. Contact us if you need an arrangement of that kind.
About this AI tool. Essentyx is an AI-powered text-neutralization service. Outputs may contain errors and are not legal, financial or medical advice. You are responsible for reviewing neutralized text before relying on it. See Warranty Disclaimers and Limitation of Liability in our Terms of Service.
We may update this Privacy Policy from time to time by publishing an updated version. If we make material changes, we will provide you with additional notice, such as by sending you an email.
Information We Collect
1. Account Information
- When you sign up via Google OAuth, we receive your name, email address and Google profile picture (if available). We do not access your Google contacts, calendar, or other Google services.
- You may update or disconnect your Google account at any time through your account settings.
2. Text Submissions (User Content)
- You submit text (up to 5,000 characters) for neutralization. This text is processed entirely in-memory and is never stored on our servers after neutralization completes.
- We do not retain copies of your original submissions or neutralized outputs.
3. Analytics Metadata (Pro Plan Only)
- If you use the Pro plan with analytics enabled, we store limited, non-identifying metadata associated with your account:
- Trigger counts (e.g., "3 emotional language triggers detected")
- Trigger categories/types (structured classifications like "hyperbole" or "vague quantifier", never the original text phrases)
- Clarity scores (numerical ratings)
- Character counts
- This metadata helps power your analytics dashboard and charts. You may disable analytics at any time via account settings.
4. Usage and Technical Data
- We collect standard log data when you use Essentyx:
- IP address (used for rate limiting on our public demo endpoint
/neutralize-demo) - Browser type, operating system and device information
- Timestamps of neutralization requests
- Request counts against your plan limits
- IP address (used for rate limiting on our public demo endpoint
- This data helps us monitor service health, prevent abuse and enforce plan limits.
5. Billing Information
- If you subscribe to a paid plan, Stripe (our payment processor) collects and stores:
- Payment method details (credit/debit card or other payment instruments)
- Billing address
- Transaction history
- We do not store full payment card numbers or CVV codes on our servers. We receive only limited billing information from Stripe (e.g., last 4 digits of card, subscription status).
6. Cookies and Similar Technologies
We use cookies and similar browser storage to keep you signed in, remember your preferences and, with your consent, measure how the site is used. The full breakdown lives on our Cookie Policy page; a summary follows.
| Name / key | Purpose | Category | Lifetime |
|---|---|---|---|
| essx_consent_v1 | Stores your cookie preferences so we do not show the banner again | Essential | localStorage, until you clear it |
| Access token | Keeps you signed in to the dashboard for the current tab | Essential | sessionStorage, ~15 minutes |
| Refresh token | Silently restores your session when the access token expires | Essential | HttpOnly cookie, up to 30 days |
| _ga, _ga_* | Google Analytics 4 visitor and session identifiers | Analytics (only set if you accept analytics) | Up to 2 years |
| Extension auth cache | Local credential cache used by the Chrome extension to call the Essentyx API | Functional | Browser local storage, until you sign out |
You can change your cookie choices anytime via the Cookie preferences link in the footer.
How We Use Information
We use the information we collect to:
- Provide, operate and improve Essentyx's core neutralization service
- Display analytics dashboards and charts for Pro users (using stored metadata only)
- Enforce plan limits (e.g., 2,000/5,000/15,000 requests per month)
- Process payments and manage subscriptions via Stripe
- Respond to your support requests
- Prevent fraud, abuse and security incidents
- Comply with legal obligations (e.g., GDPR data deletion requests)
- Send service-related emails (e.g., subscription renewal notices, security alerts)
We do not:
- Sell your personal data to third parties
- Use your text submissions for advertising or marketing
- Train AI models on your content (see "AI Model Training" section below)
How We Share Information
1. With Service Providers
We rely on the following subprocessors to operate Essentyx. Each is contractually obligated to process data only as instructed and to maintain appropriate security measures.
| Subprocessor | Purpose | Data handled | Region |
|---|---|---|---|
| OpenRouter | Routing inference requests to large language models (currently Qwen) for text neutralization | Text submissions, processed transiently and not stored by us | United States |
| Stripe | Payment processing and subscription management | Billing details, payment method, transaction history | United States, Ireland |
| Google Cloud Platform | Hosting application infrastructure and databases | Account information, analytics metadata, usage logs | United States, European Union |
| Google Analytics | Aggregated, anonymized website usage statistics | Anonymized usage data, cookies | United States, European Union |
OpenRouter's data policies apply to the inference transmission step. We do not control OpenRouter's practices and are not responsible for their handling of your data beyond the inference request. Stripe's privacy policy applies to billing data.
2. For Legal Compliance
We may disclose information if required by law, regulation, legal process, or governmental request (e.g., court orders, subpoenas), or to protect our rights, safety, or property.
3. Business Transfers
If we are involved in a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction. We will notify you via email or prominent notice before your data becomes subject to a different privacy policy.
4. With Your Consent
We will not share your personal data beyond the purposes described above without your explicit consent.
AI Model Training and Your Content
Essentyx does not train AI models on your submissions. Your text is sent to OpenRouter solely for inference (neutralization). We do not store it and we do not use it to improve or train any models, ours or third parties'.
OpenRouter's practices: OpenRouter may have its own data retention and usage policies for inference requests. We recommend reviewing OpenRouter's privacy policy for details about their handling of transmitted text. Essentyx is not responsible for OpenRouter's independent data practices beyond our contractual instructions.
Automated Decision-Making
Essentyx's core function, the rewriting of submitted text into neutral phrasing, is performed by AI models without human review of individual requests. The output is informational; it does not produce legal or similarly significant effects on you, and you remain free to accept, reject or edit any rewrite before relying on it.
If you would like a human to review a specific outcome (for example, a clarity score or trigger classification stored in your Pro analytics), you may request human review by emailing essentyx@gmail.com. You may also object to automated processing in accordance with applicable law.
We do not perform profiling for advertising, eligibility or scoring purposes outside the Service's neutralization function.
Data Retention and Deletion
- Text submissions: Immediately discarded after in-memory processing completes. Never persisted.
- Analytics metadata (Pro users): Retained while your account is active. Deleted upon account deletion.
- Account information: Retained while your account is active. Deleted upon account deletion request.
- Billing data: Retained by Stripe per their policies and applicable financial regulations (typically 7 years). We cannot delete Stripe-held data directly but will instruct Stripe to anonymize your account upon deletion request.
- Inactive accounts: Free accounts inactive for 12+ consecutive months may be automatically deleted.
Your deletion rights. You may request complete account deletion at any time via:
- Dashboard:
/account/delete - Email: essentyx@gmail.com
Upon deletion:
- All analytics metadata is permanently erased
- Account information is anonymized
- We retain a one-way hash of your account identifier (such as your Google subject ID) solely to prevent repeat free-trial abuse. The hash is not linked to your name, email or other identifying fields after deletion. Our legal basis for this minimal retention is our legitimate interest in preventing fraud and abuse (GDPR Art. 6(1)(f)). You may object to this retention by writing to essentyx@gmail.com, and we will assess whether your specific circumstances override that legitimate interest.
- We will instruct Stripe to anonymize billing records associated with your account
Your Privacy Rights
Depending on your location, you may have the following rights:
GDPR (European Economic Area, UK, Switzerland)
- Access: Request a copy of personal data we hold about you via
/account/export - Rectification: Correct inaccurate account information
- Erasure: Request complete account deletion (see above)
- Restriction: Limit processing of your data in certain circumstances
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to processing based on legitimate interests
- Withdraw consent: Where processing relies on consent
- Lodge a complaint: File a complaint with your local data protection supervisory authority if you believe we have not complied with applicable data protection law
To exercise these rights, email essentyx@gmail.com. We will respond within 30 days.
CCPA/CPRA (California Residents)
- Right to know: Request categories and specifics of personal information collected
- Right to delete: Request deletion of personal information
- Right to opt-out: We do not "sell" personal information as defined by CCPA, so no opt-out mechanism is required
- Non-discrimination: We will not discriminate against you for exercising CCPA rights
Submit requests via email to essentyx@gmail.com with subject line "CCPA Request."
Other Jurisdictions
Residents of other regions (e.g., Brazil under LGPD, Canada under PIPEDA) may have similar rights. Contact us to discuss applicable protections.
Data Security
We implement industry-standard security measures to protect your information:
- Encryption: All data transmitted between your browser and our servers uses TLS 1.3+
- Authentication: Google OAuth with token validation; session management via secure, HttpOnly cookies
- Infrastructure: Hosted on Google Cloud Platform with firewall rules, DDoS protection and regular security patching
- Access controls: Employee access to production systems is strictly limited and logged
- No storage of sensitive content: Original text submissions never touch persistent storage
Limitations: No system is 100% secure. We cannot guarantee absolute security of data transmitted over the internet. You are responsible for safeguarding your Google account credentials.
International Data Transfers
Essentyx operates globally. Your data may be transferred to, processed in and stored in countries outside your country of residence, including the United States (for OpenRouter and Stripe services) and the United Arab Emirates (our legal entity).
- EEA/UK users: We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to non-adequate countries.
- Other regions: We implement appropriate safeguards per local law requirements.
By using Essentyx, you consent to such cross-border transfers.
Children's Privacy
Essentyx is not intended for children under 16. If you reside in the United States, the minimum age is 13. If you are below the applicable minimum age in your jurisdiction, do not use Essentyx.
We do not knowingly collect personal information from children. If we become aware of such collection, we will promptly delete the information. Contact us at essentyx@gmail.com if you believe a child has provided us with personal data.
Third-Party Links
Our website may contain links to third-party sites (e.g., OpenRouter, Stripe). This Privacy Policy does not apply to those sites. We encourage you to review the privacy policies of any third-party services you interact with.
Data Controller
Unless otherwise stated in a product-specific notice, the data controller for your information is Mindwave IT Services - FZCO. Our contact details are as follows:
Mindwave IT Services - FZCO
Building A1, Dubai Digital Park, Dubai Silicon Oasis
Dubai, United Arab Emirates
You can contact us at essentyx@gmail.com.
We have not yet appointed a representative in the European Economic Area or the United Kingdom for data protection matters. If you are based in the EEA or the UK and need to contact us about data protection, please write to us at the email above and we will route your request to the appropriate person.
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements.
- Material changes (those significantly affecting your rights) will be communicated via email at least 30 days before taking effect.
- Non-material changes (e.g., contact details, feature names) will be posted with an updated "Effective Date" at the top of this page.
Continued use of Essentyx after changes become effective constitutes acceptance. If you disagree with updates, delete your account before the effective date.
Contact Us
Questions about this Privacy Policy or your data? Email us at essentyx@gmail.com.