Privacy Policy
Last updated: March 18, 2026
MarketSpy ("we", "our", "us") is a
Chrome browser extension part of the Spy Suite, that provides AI-powered
analysis. This Privacy Policy explains how we collect, use, and protect
your information when you use our extensions and services.
01 Information We Collect
Account information:
-
Name, email address, and hashed password when you create an account
- These are required for authentication and credit management
Website content (temporary):
-
When you explicitly request an analysis, we extract visible text
content from the active webpage (headings, paragraphs, call-to-action
buttons, navigation links, meta descriptions)
-
This content is sent to our server
only when you click an analysis button — never
automatically
-
The extracted text is processed in real-time and is
not permanently stored in raw form
Analysis results:
-
The AI-generated analysis results are stored in your account history
so you can review them later
-
Results are associated with the domain analyzed and your user account
Usage data:
-
Number of analyses performed, credits used, and account creation date
-
No browsing history, clicks, mouse movements, or keystrokes are
tracked
02 How We Use Your Information
-
Account info — Used for authentication, session
management, and credit balance tracking
-
Website content — Sent to our AI analysis server and
processed in real-time to generate marketing insights. The raw page
content is not stored after analysis.
-
Analysis results — Stored in your account history for
your convenience
-
Usage data — Used to manage your credit balance and
improve the service
03 Data Sharing
We do not sell, rent, or share your personal data with any third
party.
- AI analysis is processed on our own servers
-
Payment processing is handled by Stripe. We never see
or store your credit card details. Stripe's privacy policy applies to
payment transactions.
-
No data is shared with advertisers, data brokers, or analytics
providers
04 Data Storage & Security
-
Your account data is stored on a secure
PostgreSQL database hosted on AlwaysData (EU-based
servers)
-
Passwords are hashed using bcrypt — we never store
plaintext passwords
- All API communication uses HTTPS encryption
-
JWT tokens are used for session management with 7-day
expiration
-
Local browser storage (chrome.storage.local) contains only your
session token and cached analysis results — no sensitive personal data
05 Browser Permissions
Our extensions request the following Chrome permissions and use them
strictly as described:
-
activeTab — To read content from the page you choose
to analyze (only when you click a button)
-
scripting — To inject the content extraction script
into the active tab
-
storage — To save your session token and cache recent
results locally
-
tabs — To retrieve the URL of the active tab for
domain identification
-
Host permission — To communicate with our API server
at marketspy.alwaysdata.net
06 Data Retention
- Account data is retained as long as your account is active
-
Analysis history is kept for your reference until you delete your
account
-
You can request complete deletion of your account and all associated
data at any time
07 Your Rights
You have the right to:
- Access your personal data
- Modify your account information
- Delete your account and all associated data
- Export your analysis history
To exercise any of these rights, contact us at the email below.
08 Children's Privacy
Our extensions are not intended for users under the age of 16. We do not
knowingly collect personal information from children.
09 Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be
posted on this page with an updated revision date. Continued use of the
extension constitutes acceptance of the updated policy.
10 Contact