Privacy policy for MatKaiOS Core and Extension.

MatKaiOS collects the minimum account data needed to operate the extension and the web portal, including your email address, account identifier, authentication provider, and the records needed to manage your session and access state.

If you choose Sign in with Google, we receive basic Google account data made available through Google and Supabase Auth, such as your email address, display name, profile image (if available), and the provider identifier used to link your Google account to your MatKaiOS account.

We do not access Gmail message bodies, Google Drive files, Google Calendar data, Google Contacts, or Google Workspace content unless a future feature explicitly requests additional scopes and this policy is updated first.

MatKaiOS may also store product data that you create inside the service, such as chat sessions, saved prompts, custom actions, activation status, and security events related to authentication and abuse prevention.

When you invoke extension features that read the active tab, use Web Tools, Mission Mode, or future Browser Mode capabilities, MatKaiOS may access page content, page metadata, URLs, and browser-tab context needed to perform the action you requested.

We also process minimal technical metadata needed to operate and secure the service, such as request timestamps, route-level diagnostics, and anti-abuse/security event logs.

We use account and Google sign-in data to authenticate you, create or link your MatKaiOS account, maintain sessions across the extension and the web portal, and apply Identity Gate checks before access is granted.

We use your email address to deliver activation and security-related emails, to respond to support or deletion requests, and to enforce administrator access rules when an account is designated for internal operations.

We use service data such as prompts, sessions, and custom actions only to provide the features you invoke, to synchronize your account across surfaces, and to secure and troubleshoot the platform.

Page content and browser context accessed by the extension are used to answer your request, execute the browser action you initiated, preserve relevant session continuity when enabled, and enforce security boundaries. MatKaiOS does not use this browser context for advertising profiling or data brokerage.

The extension may request optional Chrome host permissions for the active site or for broader web access when a browser-facing feature requires it. These permissions are requested through Chrome permission prompts or feature-specific flows, and you can decline them.

By installing and using the extension, you acknowledge that browser-facing features may need access to the pages or tabs where you ask Kai to operate. By activating those features and accepting Chrome's permission prompt, you authorize MatKaiOS to access the relevant page or browser context for that requested operation.

Future Browser Mode capabilities may allow Kai to navigate, inspect, or operate browser pages on your behalf. Those capabilities are intended to be user-initiated, bounded by browser permissions, and documented in this policy and product surfaces before broad release.

Chrome may allow you to review or revoke site access from the browser's extension settings. Revoking access can limit or disable features that depend on reading or operating pages.

MatKaiOS uses essential authentication/session mechanisms to keep you signed in, protect protected routes, and maintain continuity between surfaces.

We may process limited operational diagnostics (for example, endpoint health events, login outcomes, and telemetry needed to detect abuse or service failures).

We do not use Google user data for advertising profiling, ad targeting, or brokerage purposes.

We do not sell Google user data or personal data, and we do not share Google user data with data brokers or advertisers.

We share data only with service providers needed to operate MatKaiOS, such as providers for authentication/database, hosting/delivery, transactional email, and model inference.

If you choose to use AI features, prompts or content you submit may be processed by the provider route selected at runtime (including local runtime mode when available). Google sign-in data is not shared with those AI providers for authentication purposes.

We protect data in transit using HTTPS/TLS and rely on access controls and encrypted storage offered by our infrastructure vendors where applicable.

Web sessions are stored through Supabase Auth. Extension sessions are stored in extension-managed local storage. Vault secrets and backup flows are handled with local-first protection patterns.

Administrative access is restricted separately from normal user access. Sensitive operational views require backend authorization in addition to any login flow.

Where applicable, we process data under one or more of these bases: providing the service you request, your consent, legitimate security/operational interests, and legal obligations.

Because infrastructure providers may operate in multiple regions, your data may be processed in countries outside your own jurisdiction.

You can request access to your account data, correction of inaccurate data, deletion of your account data, and export of your account-linked content where technically feasible.

You can also object to or request restriction of specific processing when applicable under your local law. We evaluate these requests case by case and confirm what can be completed.

As an indie project, we keep this process direct: email assistmatkaios@gmail.com from your account email, describe your request, and we will verify account ownership before actioning it.

MatKaiOS is not directed to children. If you are under the minimum digital consent age in your jurisdiction, do not use the service.

If we learn that data was submitted by someone below the applicable minimum age without required authorization, we will take steps to remove that data.

We retain account and service data for as long as your account remains active, as needed to provide the service, and for legitimate security, legal, and operational purposes.

Typical retention windows: active account and user-created content are kept until deletion request or account closure; security and diagnostic logs are usually retained for short-to-medium operational windows (commonly 30 to 180 days), unless longer retention is required for abuse, legal, or incident-response reasons.

You may request deletion of your MatKaiOS account and associated data by contacting assistmatkaios@gmail.com from the email address tied to your account. We may ask you to verify ownership before completing a deletion request.

Once a verified deletion request is approved, we will delete or anonymize the relevant account data within a reasonable timeframe, except where retention is required by law, fraud prevention, dispute resolution, or security obligations.