Privacy Policy

CogniTube ("CogniTube", "we", "our", "us") provides the CogniTube Chrome browser extension and the website at cognitube.io. These are the two surfaces through which you interact with our service.

By using CogniTube, you agree to the collection and use of information as described in this policy.

The information we collect depends on how you use CogniTube. We distinguish between three types of users:

Anonymous users — users who use the extension without signing in.

Free users — users who sign in with a Google account and use the free plan.

Pro users — users on a paid subscription.

2.1 Account Information

When you sign in with Google, we receive your email address and a unique Google account identifier (Google user ID). We do not receive your Google password, phone number, or any other Google account details. This information is used solely to identify your account, enforce usage limits, and associate your data with your subscription.

Anonymous users do not provide account information. A local flag is stored on your device to track the one-time anonymous summary limit.

2.2 Authentication Data

We use Google OAuth 2.0 for authentication. When you sign in, we request access to basic account information via the following OAuth scopes: email, profile, and openid. We do not request access to your Google Drive, Gmail, contacts, or any other Google service.

During the authentication process, we receive authentication tokens that are stored locally in your browser extension's secure storage. These tokens are used to maintain your session and are not transmitted to our servers except as needed to verify your identity.

The OAuth flow is proxied through cognitube.io, so Google displays cognitube.io as the authorizing application during sign-in. Your Google credentials are never seen or stored by CogniTube's servers.

CogniTube's use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

2.3 Usage Data

Free users: We store a summary usage counter in our database associated with your Google account ID. This counter tracks how many AI summaries you have generated to enforce the free plan limit. We do not store the content of those summaries on our servers for free users.

Pro users: No hard usage counter is enforced. We apply reasonable daily usage limits for infrastructure stability. Usage is tracked server-side for this purpose only.

Anonymous users: Usage is tracked locally on your device via a one-time flag in extension storage. No data is sent to our servers.

2.4 Device, Browser, and Extension Data

We do not collect device fingerprinting data or general browser information. The extension accesses the current tab's URL solely to detect whether you are on a YouTube video page. This data is processed locally and is not transmitted to our servers.

Vercel, which hosts our website (cognitube.io), may collect standard web server data including anonymized IP addresses, browser type, and page visit information through Vercel Analytics. This data is aggregated and privacy-friendly by design (no persistent cookies, no cross-site tracking). See Section 5.

2.5 User-Submitted Content

Summaries: AI summaries are generated from the YouTube video transcript. The transcript is sent to OpenAI's API for processing (see Section 4). For free users, summaries are stored only locally on your device. For Pro users, summaries are stored in our cloud database.

Bookmarks and notes: Bookmarks and notes you create are stored locally for free users, and in our cloud database for Pro users. We do not read, analyze, or use the content of your notes or bookmarks for any purpose other than making them available to you.

2.6 Payment-Related Information

Payments are processed by Stripe. We do not store your credit card number, bank details, or any sensitive payment information on our servers. We store:

• A Stripe customer ID to link your account to your subscription
• Your subscription status (active, cancelled, expiry date)
• High-level payment metadata (e.g., payment count, total amount paid) for internal records

Detailed payment and billing information is managed by Stripe and governed by Stripe's Privacy Policy.

2.7 Communications and Support Data

If you contact us via support@cognitube.io, we will receive your email address and the content of your message. This information is used solely to respond to your inquiry.

If you submit a feedback or support form through Tally.so (see Section 4), the data you submit — including your email address if provided — is stored in Tally's systems and transmitted to us. See Section 4 for details.

We use the information we collect to:

• Provide the service: Authenticate your account, generate AI summaries, and store your bookmarks, notes, and summaries according to your plan.
• Enforce plan limits: Track and apply the free plan usage quota.
• Manage subscriptions: Process payments, track subscription status, and handle renewals or cancellations.
• Communicate with you: Send service-related emails (e.g., subscription confirmations, renewal reminders) via Stripe's automated email system. We do not send marketing emails.
• Improve the service: Analyze aggregated, anonymized usage patterns from feedback forms and website analytics. We do not profile individual users.
• Handle support requests: Respond to questions or issues submitted via email or support forms.
• Churn analysis: When you uninstall the extension, we collect your plan type (free or pro) via a feedback form to understand user behavior. No personally identifiable information is collected at uninstall unless you voluntarily submit the form.

We do not sell your personal data. We do not use your data for advertising purposes.

CogniTube relies on the following third-party providers. Each is governed by their own privacy policy.

OpenAI: When you generate a summary, the text transcript of the YouTube video is sent to OpenAI's API. We do not send your personal account information to OpenAI. OpenAI's data retention policies apply to any data processed through their API; we do not control how OpenAI handles this data on their end. We recommend reviewing OpenAI's Privacy Policy and API data usage policies.

Supabase: Your cloud data (Pro plan) is stored in a Supabase-hosted database located in Frankfurt, Germany (EU). Data is protected by access controls that prevent access by other users.

Tally.so: We use three Tally forms:

• Feedback form: Collects your email address (auto-populated from your extension session) and your current plan type (free/pro). Submitted when you choose to leave feedback.
• Uninstall form: Collects your plan type only. Displayed when you uninstall the extension. Submission is voluntary.
• Support/Contact form: Collects your email address and message content. Available to Pro users from within the extension.

Tally.so is a European company and its data practices are governed by Tally's Privacy Policy.

5.1 Website (cognitube.io)

Our website uses Vercel Analytics, a privacy-friendly analytics tool. Vercel Analytics does not use persistent tracking cookies and does not build profiles of individual users. It collects aggregated, anonymized data about page visits (such as page views, country-level geographic data, and referrer information) to help us understand how people discover and use our website.

We do not use Google Analytics, Facebook Pixel, or any other advertising or behavioral tracking technologies on our website.

5.2 Chrome Extension

The CogniTube extension does not use cookies. All data stored by the extension is kept in:

• Extension storage (chrome.storage.local): Used to store your authentication session (tokens, email, plan type), anonymous usage flags, and user preferences (e.g., theme, summary language). This data lives on your device and is not accessible to websites.
• Browser local database (IndexedDB): Used to store your summaries, bookmarks, and notes locally. Free user data lives exclusively here. Pro user data also lives here as a local cache, with our cloud database as the authoritative source.

This local storage is distinct from browser cookies and is not accessible to third-party websites or scripts.

CogniTube requests the following Chrome permissions:

We do not request permissions to access your browsing history, read data from other websites, capture your screen, or access your microphone or camera. We do not use the scripting permission to inject code into arbitrary pages.

The extension's UI is rendered inside a Shadow DOM, isolated from YouTube's own page scripts and styles.

When you uninstall the extension, all locally stored data is permanently deleted. Your usage counter and cloud data are retained until you actively request deletion, as they are linked to your Google account rather than to your device. To request deletion of your account and associated data, contact us at support@cognitube.io.

CogniTube is a service with users and infrastructure across multiple countries. Your data may be processed in countries outside your own, including the United States.

• Supabase (EU — Frankfurt): Your cloud data is stored within the European Union and benefits from EU data protection standards.
• OpenAI (United States): Video transcripts are sent to OpenAI servers in the US for AI processing.
• Vercel (United States): Our website is hosted on Vercel's infrastructure.
• Stripe (Global): Payment data is processed by Stripe across their global infrastructure.

Where data is transferred outside the EU/EEA, we rely on the data transfer mechanisms available under applicable law, including Standard Contractual Clauses or adequacy decisions where applicable. By using CogniTube, you acknowledge that your data may be processed in countries with different data protection standards than your own.

We take reasonable technical and organizational measures to protect your data:

• All data in transit is encrypted via HTTPS/TLS.
• Cloud data is protected by database-level access controls that restrict access to the authenticated account owner.
• API keys used to access third-party services are never embedded in the extension code. They are stored securely in our server-side infrastructure.
• Authentication tokens stored locally in the extension are scoped to the extension and inaccessible to web pages.

No method of electronic transmission or storage is 100% secure. While we strive to protect your data using industry-standard practices, we cannot guarantee absolute security.

In the event of a data breach that affects your personal data, we will notify affected users and relevant authorities as required by applicable law.

Depending on your location, you may have the following rights regarding your personal data:

Right to access: You may request a copy of the personal data we hold about you.

Right to correction: You may request correction of inaccurate or incomplete data.

Right to deletion: You may request deletion of your account and associated personal data. Note that some data may be retained by third-party providers (e.g., Stripe) as required by law.

Right to restriction: You may request that we limit how we process your data in certain circumstances.

Right to data portability: You may request your data in a structured, machine-readable format where technically feasible.

Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time. This does not affect the lawfulness of prior processing.

Right to lodge a complaint: If you are in the European Economic Area, you have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at support@cognitube.io. We will respond to your request within 30 days. For complex or multiple requests, we may extend this period by an additional 30 days, in which case we will notify you promptly.

We will make reasonable efforts to verify your identity before fulfilling any data access or deletion request.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will make reasonable efforts to notify users through the extension or website.

Continued use of CogniTube after changes are posted constitutes your acceptance of the updated policy.

For any questions, concerns, or requests related to this Privacy Policy or your personal data:

Email: support@cognitube.io

Website: cognitube.io

Your use of CogniTube is also governed by our Terms of Service.