PRIVACY POLICY FOR CRICKIT DESKTOP WEB BROWSER APPLICATION

Last Updated: November 13, 2025

Crickit, LLC (“Crickit,” “we,” or “us”) prioritizes user privacy. This Privacy Policy explains how we handle data through our web browser application (the “Service”) (including the Crickit browser extension distributed via the Chrome Web Store and any equivalent desktop browser add-ons).

For information about how we process data on our public marketing Website (http://crickit.ai), please see our separate Website Privacy Policy at https://crickit.ai/privacy.

1. DATA COLLECTION & PURPOSE

1.1 COLLECTED DATA

User-Provided:

• Emails for account creation, billing and subscription management, and newsletters (opt-out available).
• Payment details via Stripe (processed securely; no card storage).

Automated:

• Account & Service Usage Data: Basic account identifiers (such as an internal user ID associated with your email), interaction logs with the Service (for example, feature usage and timestamps), limited error or crash information, and high-level usage metrics needed to operate, secure, and improve the Service.
• Media-Browsing Data: Video IDs and publicly available transcripts are temporarily linked to user IDs only during active fact-checking sessions and consumption of relevant media. These media-browsing data are never stored in association with individual user IDs after each relevant media session ends (e.g., watching a specific video).
• Technical Data: Browser type, OS, and anonymized IP via Google Analytics (usage trends only).

Technical data such as browser type and version, operating system, approximate region, and event-level telemetry related to extension activity. When you install or use the Crickit extension from the Chrome Web Store, Google and/or the browser platform may collect standard extension telemetry (such as install/uninstall events, version information, and crash/error reports) under their own privacy policies.

Analytics Data in the Extension: We may use Google Analytics or similar analytics tools within the extension to understand high-level usage patterns (for example, how often certain features are used, general error rates, and performance). Where we use Google Analytics in the extension, it is configured not to store IP addresses and to focus on aggregated, event-level data used to improve reliability and performance. We do not use extension analytics data to build individual behavioral profiles or for retargeting or cross-context behavioral advertising.

1.2 WHY WE COLLECT THESE DATA

We collect and use the data described above to:

• To enable real-time fact-checking.
• To improve Service efficiency (e.g., caching user-disassociated media and fact-check data for faster future access).
• To communicate with you regarding our services and other products or services that may be of interest to you or the Customer with which you are associated.
• To comply with a valid warrant, subpoena, or court order, or exercise or defend legal claims or otherwise comply with our legal obligations.
• To comply with a request or order from other local, state or federal governmental agencies with legal authority to obtain the personal information from Crickit.
• To protect the safety and security of our users by collecting and reviewing personal information to protect against fraud, other crimes and threats to safety.
• To comply with any other business or lawful purpose reasonably anticipated within the context of Crickit’s relationship with you.
• For any purpose for which we obtained your consent.
• To operate, secure, and improve the Crickit extension, including diagnosing technical problems, measuring performance, and ensuring compatibility with browsers and devices.

We do not use data collected through the Service for retargeting or to sell your personal information.

2. DATA SECURITY & RETENTION

Crickit takes reasonable security measures to protect against the loss or misuse of information under its control. Although we will do our best to protect your information, transmission of information to and from Crickit is at your own risk as no method of data transfer over the internet is 100% secure.

Encryption: All data in transit uses TLS/SSL; anonymized identifiers prevent re-identification.

Retention:

• Media-Browsing Data: The association between video IDs, transcripts, and fact-check content with user IDs exists only during active sessions. Disassociated data (e.g., video IDs linked to fact-check results) may be stored in aggregate to improve Service performance.
• Persistent Data: Emails retained until account deletion; Stripe billing records retained per payment processor requirements.
• Extension/Analytics Data: Aggregated and event-level analytics or telemetry related to the extension is retained only as long as necessary for operational, security, and improvement purposes, and in accordance with our internal retention schedules and the settings of any analytics tools we use (for example, Google Analytics data retention settings).

3. THIRD-PARTY SHARING

We share data only with:

• Processors:
  • Google Analytics: Aggregated usage trends. We configure Analytics not to store IP addresses and to focus on aggregated Service usage.
  • Stripe: Payment processing (transaction IDs only).
• Service Providers:
  • Public Transcript APIs: We access publicly available transcripts from digital media platforms. No user PII (e.g., emails, IPs) is transmitted to these platforms.
  • AI Providers: Transcript excerpts and claims are sent to third-party AI companies solely for automated fact-checking. All data is stripped of user identifiers before processing.
• Legal Compliance: Responses to valid court orders or laws.
• Potential Business Partners: We may disclose or transfer information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

No Sales: We do not sell or monetize user data. Crickit may share de-identified, aggregated data and information with other entities for the purpose of performing activities that may help Crickit provide and improve its services.

We may also share information with other third-party service providers as reasonably necessary to provide, maintain, and secure the Service (for example, hosting, logging, or security providers), subject to contractual obligations to protect your data.

4. YOUR RIGHTS

• Access/Delete: Request deletion of your email or billing records via{" "} legal@crickit.ai. Note: Media-browsing data (video IDs, transcripts and fact-check content) are not stored at the user level.
• Opt-Out: Unsubscribe from emails using links in communications.

Depending on where you live, you may also have additional rights, such as the right to access, correct, or delete certain personal information, object to certain processing, or request portability of certain data. To exercise any of these rights (where available), please contact us at legal@crickit.ai. We will respond within the timeframes required by applicable law.

5. REGIONAL COMPLIANCE

We adhere to privacy principles outlined in:

• GDPR (EU/UK): Honor deletion requests and data minimization.
• CCPA (California): Disclose data practices and honor opt-outs.
• Other Laws: Contact us to exercise rights under local regulations.

If you are located outside of the United States, please be aware that information we collect through our website and services will be transferred to and processed in the United States. By using the website and services or by voluntarily providing your information to us, you consent to the transfer, processing, and storage of your information in the United States.

Note: The Crickit extension may also be subject to additional platform-specific privacy or data usage restrictions (for example, Chrome Web Store or browser-privacy policies). We endeavor to configure the extension and any associated analytics to comply with these requirements.

Note to Residents of California
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below. However, please note, we do not disclose personal information to third parties for any third party’s marketing purposes.

6. PROHIBITED DATA & SAFEGUARDS

No Collection Of: Sensitive health/financial data, passwords, social security numbers, or precise geolocation.

Cookies: Third-party tools (e.g., Google Analytics) may use cookies or storage. When you visit or use the Site, Service, or related interfaces, our server or another company’s server may create cookies, which are small text files that a website can send to your internet browser and may be stored in your browser or elsewhere on your computer. We may use cookies to evaluate website usage, provide services to you, and to offer programs and/or services that you may be interested in. You have the ability to accept or decline cookies. Most browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, this may impact your experience using our Site or Service.

Children’s Privacy: Service not intended for users under 13 (or 16 in the EU). If we obtain actual knowledge that we have collected information from someone under the age of 13 (or 16 in the EU), we will delete that information.

7. THIRD-PARTY PLATFORMS

YouTube: We access public transcripts without using YouTube’s official APIs. We are not affiliated with or endorsed by YouTube/Google.

Third-Party Platform Compliance:

• User Responsibility: You agree to comply with all terms, policies, and guidelines of platforms accessed through Crickit (e.g., YouTube). You should review these other terms, policies and guidelines.
• No Endorsement or Assurance: Crickit operates independently and does not warrant compliance with third-party platform rules. Use of the Service does not modify, circumvent, or alter your obligations under YouTube’s Terms of Service and privacy policy, or other platform agreements.
• Termination for Non-Compliance: We may suspend or terminate access if we reasonably believe your use violates third-party platform terms.

8. DO-NOT TRACK SIGNALS

Web browsers and other technologies you may use to access the Site or Service may include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.

Where required by law, we will honor certain global privacy control or similar signals for data processed through the Service if and when our processing triggers such obligations. We do not sell personal information collected through the Service or use it for cross-context behavioral advertising.

9. UPDATES & CONTACT

Policy Changes: Updates posted here; continued use constitutes acceptance.

Questions: Contact legal@crickit.ai.