Legal

Privacy Policy

Last updated: March 21, 2026

Flint ("we", "our", "us") operates the Flint Chrome extension and the website at useflint.dev. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information we collect

Account information

When you create an account we collect your email address and, optionally, your full name. This is used solely to authenticate you and personalise your experience.

Prompt data

When you use the Flint extension, the text in the AI prompt box is sent to our scoring API to generate a quality score and suggested rewrite. Prompt text is processed in memory and is not stored on our servers. Only the resulting score, length, and a flag indicating whether you clicked "Improve" are saved to your account.

Session and conversation metadata

We record which AI platform you used, the URL of the conversation, and a title derived from the page. We never read or store the full content of your AI conversations.

Saved contexts

If you choose to save a context snippet using the extension, that text is stored against your account so you can retrieve it later from your dashboard.

Usage analytics

We collect basic, anonymised usage events (e.g. button clicks, page views) to understand how the product is used and to improve it. This data contains no personally identifiable information.

2. How we use your information

  • To provide and maintain the Flint service
  • To display your prompt history and analytics on your dashboard
  • To send you transactional emails (e.g. account verification, password reset)
  • To improve our scoring and rewriting models over time using aggregated, anonymised signals
  • To detect and prevent abuse of the service

We do not sell your data to third parties. Ever.

3. Third-party services

Supabase

We use Supabase to store account data, prompt scores, conversation metadata, and saved contexts. Data is stored in the EU (Ireland). Supabase is SOC 2 Type II certified.

Groq

Prompt text is forwarded to the Groq API (running Llama 3.3 70B) to generate a quality score and rewrite. Groq does not use your prompts to train their models. Prompt text is not retained after the API response is returned.

Vercel

Our website and API are hosted on Vercel. Standard server access logs (IP, user agent, request path) may be retained by Vercel for up to 30 days for security purposes.

4. Data retention

Your account data is retained for as long as your account is active. Prompt score records are retained for 12 months and then automatically deleted. If you delete your account, all associated data is permanently removed within 30 days.

5. Your rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all associated data
  • Object to or restrict certain processing activities
  • Port your data in a machine-readable format

To exercise any of these rights, email us at hello@useflint.dev.

6. Cookies

We use only functional cookies necessary for authentication (a session cookie set by Supabase). We do not use advertising or tracking cookies.

7. Children

Flint is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

8. Changes to this policy

We may update this policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Continued use of Flint after any changes constitutes your acceptance of the revised policy.

9. Contact

If you have any questions about this Privacy Policy, please contact us at hello@useflint.dev.