Privacy Policy

Overview

Accountability Shield is an AI-powered distraction blocker available as a Chrome extension and Android app. We help you stay accountable by blocking distracting websites, providing AI-driven analytics and insights, and notifying your accountability partners. To provide this service, we collect and process certain information about you and your browsing activity.

We are committed to:

Transparency: Being clear about what data we collect and why
Minimal data collection: Only collecting what's necessary to provide our service
User control: Giving you full control over your data
No selling: Never selling your data to third parties
AI privacy: Your data trains your insights, never external AI models
Security: Protecting your data with industry-standard security measures

Data We Collect

1. Account Information

When you create an account, we collect:

Email address: Used for account authentication, password recovery, and sending accountability notifications
Name: Optional display name for your account
Password: Stored securely using bcrypt hashing (we never store passwords in plain text)

2. Blocking Configuration Data

To provide the blocking functionality, we store:

Accountability groups: Names and descriptions of groups you create
Blocked websites: Domain patterns and URLs you choose to block
Group settings: Blocking schedules, exceptions, and custom rules you configure
Accountability partners: Names and email addresses of people you invite to receive notifications

3. Browsing Analytics Data (For AI Insights)

To provide AI-powered analytics, risk scoring, and personalized insights, we collect:

Domain visits: Websites you visit (domain names only, not full URLs or page content)
Visit frequency: How often you visit specific domains
Timestamps: When you visit domains (used for pattern detection)
Categories: Automatic categorization of domains (e.g., social media, streaming, productivity)
Hourly aggregates: Data is aggregated by hour and uploaded to our AI analysis system
Block attempts: When you attempt to access blocked sites
Notification history: Record of which partners were notified and when

Important: What We Track vs. What We Don't

We DO track: Domain names (e.g., "twitter.com"), visit counts, timestamps, and categories for AI analysis
We DON'T track: Full URLs, page content, search queries, form data, passwords, or any sensitive information
Privacy filter: Browser infrastructure domains (updates, telemetry, CDNs) are automatically filtered out
Shared only with you: Analytics insights are only visible to you and your chosen accountability partners (via weekly summaries)

4. AI Coach Conversations

When you use the AI Coach feature, we collect:

Chat messages: Your questions and the AI's responses
Chat history: Stored to provide context in ongoing conversations
Actions taken: When the AI creates/modifies blocking groups or settings on your behalf

AI Coach Privacy:

Your conversations are private and only accessible to you
Chat data is NOT used to train AI models
Messages are processed via secure WebSocket connections
You can delete your chat history at any time

5. Technical Data

Device information: Platform (Chrome extension, Android, iOS), device ID for sync
Browser/app version: To ensure compatibility and provide updates
API authentication tokens: To securely sync data across devices
Timezone: For accurate schedule-based blocking

What We DON'T Collect:

Page content, text, images, or videos from websites you visit
Full URLs (only domain names)
Search queries, form data, or passwords
Personal information beyond what you provide
Third-party tracking cookies or cross-site analytics
Incognito/private browsing activity (extension doesn't run there)

🤖 How AI Analyzes Your Data

Accountability Shield's AI features are designed to help you understand and improve your digital habits. Here's exactly how the AI processes your data:

Data Collection & Aggregation

Hourly batches: Your browsing data is aggregated every hour (domain names, visit counts, categories, timestamps)
Automatic filtering: Browser infrastructure (updates, telemetry) is automatically excluded
Upload to secure API: Encrypted hourly batches are sent to our backend for analysis
Local buffering: If offline, data is stored locally and synced when connection resumes

AI Analysis Process

Pattern detection: AI identifies behavioral patterns, peak vulnerability times, and trigger domains
Risk scoring: Calculates a daily risk score (0-100) based on frequency, timing, and deviation from your baseline
Trend analysis: Tracks improvements or regressions over time (7-day, 30-day trends)
Personalized insights: Generates actionable recommendations specific to your patterns

What the AI Coach Can Do

Answer questions: "What are my biggest triggers?" "How did I do this week?"
Manage blocking: "Block Twitter from 9-5" "Add reddit.com to my Work Focus group"
Provide insights: Proactive notifications about patterns and progress
Weekly summaries: Automatically generates and sends reports to your accountability partners

AI Privacy Guarantees:

AI analyzes aggregated patterns, never individual page content
Your data is processed for YOUR insights only—never pooled or used for other users
OpenAI and Google APIs process your data with zero-retention (not used for model training)
Insights are visible only to you and your chosen accountability partners
You can disable AI features at any time—your data will no longer be analyzed

How We Use Your Data

We use the data we collect for these specific purposes:

Account Management

Create and maintain your user account
Authenticate your login sessions
Send password reset emails when requested
Provide customer support

Core Blocking Functionality

Enforce website blocking rules you configure
Sync your blocking groups across devices where you're logged in
Apply blocking schedules and exceptions
Maintain pre-loaded blocklists (adult content, gambling, etc.)

Accountability Notifications

Send email alerts to your designated accountability partners when you attempt to access blocked sites
Include relevant context in notifications (which site, which group, when)
Send partner invitation emails

AI-Powered Features

Risk scoring: Generate daily risk scores (0-100) based on your browsing patterns and block attempts
Pattern detection: Identify vulnerability windows, triggers, and behavioral trends
Personalized insights: Provide actionable recommendations through the AI Coach
Weekly summaries: Generate comprehensive reports sent to your accountability partners
Conversational AI: Enable natural language management of blocking groups and settings

Cross-Platform Sync

Sync blocking groups, settings, and schedules across all your devices (Chrome, Android, iOS)
Maintain consistent AI insights across platforms
Enable seamless experience when switching devices

Service Improvement

Aggregate, anonymized usage statistics to improve the extension
Identify and fix bugs
Develop new features based on user needs

Important: We use your data ONLY for the purposes listed above. Your browsing data is used exclusively to generate your personal AI insights. We never:

Use your data for advertising or profiling
Train external AI models with your personal data
Share your browsing patterns with anyone except your chosen accountability partners
Sell or monetize your data in any way

Data Sharing and Disclosure

Who We Share Data With

Accountability Partners (By Your Explicit Choice):

We send email notifications to people you designate as accountability partners
Notifications include: your name, the blocked site domain, the group name, and timestamp
Weekly AI summaries: Partners receive automated weekly reports with your risk score trends, progress metrics, identified triggers, and success factors
You have full control over who receives notifications and can remove partners at any time

Service Providers:

Email service: We use a third-party email service (e.g., SendGrid, Mailgun) to send accountability notifications and system emails
Hosting provider: Our backend API and database are hosted on secure cloud infrastructure (Railway.app)
AI providers: We use OpenAI (GPT-4o-mini) and Google (Gemini 2.5) for AI Coach conversations and analytics processing. Your data is processed via their APIs but is NOT used to train their models
These providers are bound by strict data processing agreements and cannot use your data for their own purposes

When We Share Data

With your consent: When you explicitly choose to share (e.g., adding accountability partners)
Legal requirements: If required by law, court order, or government regulation (we will notify you unless legally prohibited)
Security threats: To prevent fraud, security threats, or illegal activity
Business transfers: If Accountability Shield is acquired, your data may transfer to the new owner (you will be notified)

We DO NOT:

Sell your data to third parties
Share data with advertisers or marketing companies
Use your data for purposes unrelated to accountability
Share your browsing activity publicly

Data Storage and Security

How We Store Your Data

Local storage: Your blocking groups and settings are stored locally in your browser using Chrome's storage API
Cloud storage: Data is also stored on our secure servers to enable syncing across devices
Encryption in transit: All data transmission uses HTTPS/TLS encryption
Encryption at rest: Database is encrypted using industry-standard encryption

Security Measures

We implement multiple layers of security:

Password hashing: Passwords are hashed using bcrypt with salt
API authentication: Secure token-based authentication for all API requests
Access controls: Strict role-based access to data and systems
Regular audits: Periodic security reviews and vulnerability assessments
Secure infrastructure: Hosted on reputable cloud providers with strong security track records

Data Retention

Account data: Retained while your account is active
Browsing analytics: Hourly aggregates stored for 90 days to enable trend analysis and AI insights
AI Coach conversations: Chat history retained for 90 days (or until manually deleted)
Block attempt logs: Retained for 90 days for accountability reporting
Deleted accounts: When you delete your account, all associated data (including analytics and chat history) is permanently deleted within 30 days
Backup retention: Encrypted backups are retained for 30 days for disaster recovery

Your Rights and Controls

You have the following rights regarding your data:

Access Your Data

View all data we have about you through the extension settings
Request a downloadable copy of your data

Correct Your Data

Update your account information (name, email) at any time
Modify your blocking groups and settings
Correct any inaccurate information

Delete Your Data

Delete specific blocking groups or block records
Remove accountability partners from your groups
Delete your entire account and all associated data

Export Your Data

Export your blocking groups and settings in JSON format
Download your browsing analytics and risk score history
Export AI Coach conversation history
Port your data to another service

Control Notifications

Add or remove accountability partners at any time
Disable notifications for specific groups
Opt out of system emails (except critical security notices)

How to Exercise Your Rights:

Most rights can be exercised directly through the extension settings. For requests requiring manual assistance, contact us at [email protected]. We will respond within 30 days.

Third-Party Services

Accountability Shield uses the following third-party services:

Email Service Provider

Purpose: Sending accountability notifications and system emails
Data shared: Email addresses, notification content, timestamps
Privacy policy: [Link to email provider's privacy policy]

Cloud Hosting Provider

Purpose: Hosting our backend API and database
Data shared: All data stored on our servers
Security: SOC 2 compliant, GDPR compliant

AI Processing

OpenAI (GPT-4o-mini): Powers the AI Coach conversations
Google Gemini 2.5: Provides additional AI capabilities for analytics
Purpose: Natural language processing, pattern analysis, insight generation
Data shared: Chat messages, aggregated browsing patterns (never raw browsing data)
Zero-retention policy: Neither OpenAI nor Google retains or trains on your data

What We DON'T Use

                Google Analytics or similar tracking: No third-party analytics on our website/extension
Advertising networks: No ads, no tracking pixels
Social media integrations: No Facebook/Twitter tracking
Data brokers: We never share data with data brokers
AI model training: Your data is never used to train commercial AI models

            

Children's Privacy

Accountability Shield is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13.

If we discover that we have collected data from a child under 13, we will delete that information immediately. If you believe we have collected data from a child under 13, please contact us at [email protected].

International Data Transfers

Accountability Shield operates globally with servers hosted in multiple regions. Your data may be transferred to, stored, and processed in the United States and other countries where our service providers (hosting, email, AI processing) operate.

By using Accountability Shield, you consent to the transfer of your data to these locations. We ensure that all data transfers comply with applicable data protection laws, including GDPR for European users and CCPA for California residents.

Your Legal Rights (GDPR & CCPA)

For European Users (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

Right to access: Obtain confirmation of data processing and a copy of your data
Right to rectification: Correct inaccurate or incomplete data
Right to erasure ("right to be forgotten"): Request deletion of your data
Right to restrict processing: Limit how we use your data
Right to data portability: Receive your data in a machine-readable format
Right to object: Object to certain types of data processing
Right to withdraw consent: Withdraw consent for data processing at any time

For California Users (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act:

Right to know: What personal information we collect and how it's used
Right to delete: Request deletion of your personal information
Right to opt-out: Opt out of sale of personal information (we don't sell data)
Right to non-discrimination: We won't discriminate against you for exercising your rights

Common AI Privacy Questions

"Does the AI see what I'm looking at on websites?"

No. The AI only sees domain names (e.g., "youtube.com"), visit counts, and timestamps. It never sees page titles, URLs, content, images, or anything you type or view on websites.

"Is my data used to train ChatGPT or other AI models?"

No. We use OpenAI and Google's APIs with their zero-retention agreements, which means your data is processed for your request only and immediately discarded—never stored or used for training.

"Can other users see my browsing patterns or risk scores?"

No. Your analytics and AI insights are completely private to you. The only people who can see any information are your explicitly chosen accountability partners, and they only receive weekly summary emails (not raw browsing data).

"What happens if I disable AI features?"

You can disable AI Analytics and the AI Coach at any time. When disabled:

We stop collecting browsing analytics data
No new risk scores or insights are generated
The AI Coach becomes unavailable
Website blocking continues to work normally
Existing analytics data is retained per our retention policy (90 days) unless you delete it manually

"Can I delete my analytics and chat history?"

Yes. You can delete your AI Coach conversation history and analytics data at any time through the extension settings. Deleted data is permanently removed within 7 days.

"Does Accountability Shield sell my data to AI companies?"

Never. We do not sell, rent, or share your data with anyone. AI providers (OpenAI, Google) process your data as processors only—they cannot use, store, or access your data beyond processing your specific requests.

Cookies and Tracking

Accountability Shield uses minimal cookies and local storage:

Essential Cookies

Authentication tokens: To keep you logged in (stored in Chrome's secure storage)
Session data: To maintain your session across page reloads

What We Don't Use

Advertising cookies
Third-party tracking cookies
Analytics cookies
Social media cookies

You can clear cookies and local storage by logging out or through your browser settings.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

How we notify you:

Material changes: Email notification to all users
Minor changes: Updated "Last Updated" date at the top of this page
Extension notification: In-app notification for significant changes

Your continued use of Accountability Shield after changes become effective constitutes acceptance of the updated policy. If you disagree with changes, you may delete your account.