Privacy Policy for TLDW

Last Updated: 07/07/2025

1. Introduction

Welcome to TLDW (Too Long; Didn't Watch), a Chrome Extension that provides AI-powered summaries of YouTube videos. This Privacy Policy explains how we collect, use, and disclose information about you when you use our Chrome Extension, web application, and related services.

We are committed to protecting your privacy and ensuring you have a clear understanding of how your data is handled. Our goal is to be transparent and to comply with privacy standards set by the Chrome Web Store, applicable data protection laws including GDPR and CCPA, and industry best practices.

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with any part of this Privacy Policy, please do not use our Service.

Key Points: We do not sell your personal data. We only process data necessary to provide our AI-powered video summarization service. Chat conversations are processed in real-time and are never stored on our servers.

2. Chrome Extension Permissions

Our Chrome Extension requires specific permissions to function properly. Here's what each permission allows us to do:

  • Tab: Allows us to read the URL of the currently active YouTube tab to identify which video you want summarized and provide the interactive timestamps that allows you to jump to the exact timestamp of the summary you want to watch from the sidebar.
  • Storage: Enables us to save your theme preferences locally in your browser. Clerk uses this to authenticate you and store your session data.
  • Host Permissions for YouTube: Required to detect when you're on YouTube and to integrate our extension interface with YouTube pages.

Host Permissions

Our extension requires access to specific domains to function properly:

1. https://*.clerk.accounts.dev/*

Purpose: Enables Clerk authentication service communication.

Implementation: Used by @clerk/chrome-extension package for OAuth flows and session management.

Justification: Required for secure user authentication. Clerk handles OAuth redirects and session validation through this domain.

No Alternative: Authentication security requires communication with Clerk's dedicated authentication infrastructure.

2. https://clerk.tldw.dev/*

Purpose: Backend API communication for AI processing and user management.

Justification: The extension's core authentication functionality relies on Clerk. This domain serves as our backend API endpoint that handles video processing requests, user authentication validation, and account management operations.

3. YouTube Video Page Matching: https://*.youtube.com/*

Purpose: Enables timestamp jumping functionality on YouTube pages.

Implementation: Allows the extension to inject interactive elements and provide seamless navigation between our AI summaries and specific moments in YouTube videos.

Justification: Core functionality requires direct interaction with YouTube's video player to provide timestamp-based navigation from our sidebar interface.

We only use these permissions for their stated purposes and do not access any other data from your browser or other websites.

3. Information We Collect

To provide and improve our Service, we collect the following types of information:

a) Information You Provide to Us

Account Information: When you sign up for TLDW, you authenticate using Clerk. We receive your basic profile information from Clerk, which may include your name, email address, and profile picture. We do not handle or store your password.

User Content: We process the questions you ask the AI and your conversations within the chat interface. These conversations are sent to our backend for AI processing through OpenAI but are not stored on our servers.

b) Information Collected Automatically

YouTube Video Information: To provide the core functionality of the Service, we identify the URL of the YouTube video you are currently watching when you activate the extension. This is necessary to retrieve the video's transcript for processing. Video URLs are obtained dynamically and are not stored locally on your device.

Usage and Technical Data: We collect information about your interaction with our Service, such as your token usage, for the purpose of rate limiting and managing your subscription tier. Our backend servers may also log standard technical information, such as your IP address and browser type, for security, debugging, and analytics purposes.

c) Information Stored Locally

Theme Preferences: Your light/dark/system theme selection is stored locally in your browser using localStorage to maintain your preferred appearance across sessions.

Authentication Data: Clerk manages authentication cookies and local storage data to maintain your login session across browser sessions.

4. How We Use Your Information

We use the information we collect for the following purposes, which are essential for the operation of the Service:

  • To Provide and Operate the Service: We use your YouTube video URLs and chat questions to interact with our backend API, which processes video transcripts with the OpenAI API to generate summaries and answers, and display them to you.
  • To Authenticate You: We use Clerk to manage your account, authenticate your sessions, and secure your access to the Service.
  • To Manage Your Account and Subscription: We use your user ID and token usage data to enforce service limits based on your account status (free or paid).
  • To Process Payments: We use Stripe to handle payments for premium features. Your payment information is processed directly by Stripe and is not stored on our servers.
  • To Maintain and Improve the Service: We analyze usage data to monitor the performance of our Service, troubleshoot issues, and plan for future improvements.
  • To Communicate With You: We may use your email address to respond to support inquiries or send important service-related announcements.

5. How We Share Your Information

We do not sell your personal data. We only share your information with the following third-party service providers who are essential to making the Service work. These providers are bound by their own privacy policies.

  • Clerk (Authentication): Your authentication is handled by Clerk. We share your user identifier with them to manage your session. Clerk stores authentication data locally and via cookies as required for secure session management. You can review Clerk's Privacy Policy at https://clerk.com/privacy.
  • OpenAI (AI Processing): The transcript of the YouTube video and the questions you ask are sent to the OpenAI API (via our backend) for processing. We do not share your personal account information with OpenAI. You can review OpenAI's API Data Privacy information at https://openai.com/api-data-privacy.
  • Stripe (Payment Processing): If you subscribe to a paid tier, your payment is processed by Stripe (via our backend). We do not store your credit card details. You can review Stripe's Privacy Policy at https://stripe.com/privacy.
  • Backend Infrastructure Providers (e.g., Vercel, Upstash, etc.): Our backend, database, and caching are hosted on third-party cloud infrastructure. All data is encrypted in transit.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

6. International Data Transfers

Your information may be transferred to and processed in countries other than your own. Our service providers operate globally:

  • OpenAI: Based in the United States, processes video transcripts and chat messages for AI analysis.
  • Clerk: Provides authentication services with data centers in multiple regions.
  • Stripe: Processes payments with global infrastructure compliance.
  • Infrastructure Providers: Our backend services may be hosted across various international data centers.

All data transfers are protected by appropriate safeguards, including standard contractual clauses, adequacy decisions, and encryption in transit and at rest.

7. Cookies and Local Storage

We use cookies and local storage to enhance your experience:

  • Authentication Cookies: Managed by Clerk to maintain your login session securely.
  • Theme Preferences: Stored locally to remember your light/dark mode choice.
  • Extension State: Temporary storage for extension functionality during your session.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of our Service.

8. Data Security

We take the security of your data seriously and implement a variety of security measures to maintain the safety of your personal information. All communication between the extension, our backend, and third-party services is encrypted using HTTPS/TLS.

However, please remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

9. Data Retention and Local Storage

We retain your personal information for as long as is necessary to provide the Service to you and to fulfill the purposes outlined in this policy.

  • Account Information is retained as long as your account with Clerk is active.
  • User Content and Usage Data are retained as long as necessary to provide the Service, enforce usage limits, and for security logging.
  • Local Data Storage: The extension stores only theme preferences locally on your device. Chat conversations are never stored and are only maintained in memory during your session. When you close the extension or browser, chat history is not preserved.
  • Authentication Data: Clerk manages authentication data storage according to their data retention policies.

You may request the deletion of your data by contacting us at the email address below.

10. Regulatory Compliance and Legal Basis

We process your personal data based on the following legal grounds:

  • Legitimate Interest: Processing necessary for our legitimate business interests in providing AI-powered video summaries.
  • Contract Performance: Processing necessary to provide the Service you have requested.
  • Consent: Where you have given specific consent for certain processing activities.
  • Legal Obligation: Where we are required by law to process your data.

GDPR Rights (EU Users): You have rights including access, rectification, erasure, portability, restriction, objection, and automated decision-making protection.

CCPA Rights (California Users): You have rights to know about personal information collected, delete personal information, opt-out of sales (we don't sell), and non-discrimination.

11. Your Rights and Choices

You have certain rights regarding the personal information we hold about you.

  • Access and Update: You can access and update your account information through the interface provided by Clerk.
  • Opt-Out: You can stop all collection of information by the Service by uninstalling the Chrome Extension.
  • Data Deletion: You can request the deletion of your account and associated data by contacting us. We will process your request in accordance with applicable law.
  • Local Data Control: You can clear locally stored theme preferences by resetting your browser's localStorage or by uninstalling and reinstalling the extension.

12. Children's Privacy

Our Service is not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

[Your Name/Company Name]

[your-email@example.com]