We collect only the data necessary to provide fact-checking services. Below is a complete breakdown of every category of data we handle.
Email address
Collected only if you choose to create an account (for credit purchases). Free checks work entirely without an account and require no email.
Device ID
A randomly generated UUID stored in chrome.storage.local. Used solely to enforce the free-check quota (3 checks per day per device, 20 welcome credits with a free account). Not tied to your identity, your Google account, or any personal information.
Check inputs
When you right-click an image, the image is sent to our backend (as base64) for analysis. When you right-click text, the selected text is sent. These inputs are processed in real time and are not stored long-term in their raw form.
Check results
The verdict (TRUE / FALSE / MISLEADING / UNVERIFIED), summary, sources, and metadata are stored in our database to provide permalink pages and to cache results for other users who may check the same content.
Content hashes
A perceptual hash (dHash) of images and an MD5 hash of normalized text. Used for caching, rate-limiting, and deduplication. These hashes are one-way and cannot be reversed to reconstruct the original image or text.
Payment data
Processed by our payment processor (Stripe or Lemon Squeezy). We do not store credit card numbers, CVV codes, or billing addresses. We store your customer ID and purchase history so you can view past transactions and manage credits.
Usage analytics
Aggregate counters only: daily active users, total check counts, average latency, cache hit rates. No personally identifiable information is included in analytics.
2. Data We Do NOT Collect
Your browsing history — we do not monitor or record the pages you visit.
Keystrokes, form inputs, or any data you type into websites.
Personal data from web pages beyond what you explicitly right-click to check.
Your passwords. Authentication uses Google OAuth and magic links; we never store a password. Password-based authentication is not currently offered; the password_hash field in our database is reserved and unused.
Your precise or coarse location.
Your IP address — we do not use your IP address for tracking or analytics. IP addresses may appear transiently in server access logs, which are rotated regularly and not used to identify you.
3. How We Use Your Data
To provide fact-check verdicts: Your check input is sent to external APIs (vision, search, fact-check databases) and the aggregated signals are synthesized into a verdict by an AI model.
To cache results: When the same viral image or claim is checked by multiple users, the cached result is returned instantly at half the credit cost of a fresh check.
To track free-check quotas: Your device ID is used to count checks per day. No account is required for free usage.
To process credit purchases: Stripe handles payment processing; we record your customer ID and credit balance.
To improve the service: Aggregate analytics help us optimize latency, cache efficiency, and API usage. No PII is involved.
To detect 'zero-day' misinformation: Content you check may be re-analyzed by automated background jobs at a later date to detect whether the verdict has changed as new sources become available. The recheck count and updated verdict are stored and may appear on the permalink page.
Content hashes are also used for rate-limiting: no more than 5 checks per unique content hash per hour, to prevent abuse of the free-check quota.
4. Third-Party Services
The following third parties receive data from us as part of providing the fact-checking service. We do not share your data with any party beyond these necessary API calls.
Google Vision API
Receives the image you are checking (as base64) for label detection, landmark detection, and text extraction (OCR).
Google Fact Check API
Receives the claim text or the image hash to search published fact-check databases.
TinEye
Receives the image (as base64) for reverse image search to find original sources and earlier appearances.
GDELT
Receives the claim text to search global news events and timelines for contextual verification.
Brave Search API
Receives the claim text for general web search to gather source articles and corroborating evidence.
Google Gemini (via LiteLLM)
Receives the claim text or image description (derived from Vision API output) plus aggregated signals from all sources, to synthesize a verdict, summary, and confidence score. The raw image is not sent to the LLM.
Google OAuth
Receives your email and basic profile information when you choose to sign in. Used for account creation and authentication.
Payment processor (Stripe or Lemon Squeezy)
Receives payment information directly from your browser. We never see your full card number. Card data is governed by the processor's Privacy Policy. The current processor is listed on the pricing page.
Redis
Stores cached verdicts and analytics counters in memory. No personally identifiable information is stored in Redis.
Cloud hosting provider
Our backend and database are hosted on cloud infrastructure. Check results, content hashes, and account data are stored on their infrastructure, subject to their privacy policy.
5. Data Retention
Check results: Stored for the lifetime of the service to power permalinks and avoid reprocessing. You may request deletion at any time (see Your Rights). If the service is discontinued, all data will be deleted within 90 days.
Raw images:Not stored long-term. Only a small thumbnail (derived from the result) may be retained for the permalink page.
Text excerpts: Short excerpts are stored for permalink context and searchability.
Content hashes: Stored indefinitely for cache lookups and rate-limiting.
Analytics counters: Automatically expire after 90 days.
Magic link codes: Expire after 15 minutes and are single-use.
Device ID: Persists in chrome.storage.local until you clear browser data or uninstall the extension.
6. Public Permalinks
Every check result receives a public permalink at /v/{check-id} on our domain.
The check ID is a UUID — unguessable and not indexed by search engines unless the link is explicitly shared.
If you share a permalink, the verdict, summary, and sources become publicly viewable to anyone with the link.
You may request removal of a specific permalink by contacting us. We will honor removal requests within 30 days. Removal will break any shared links to that permalink.
7. Your Rights
You have the following rights regarding your data:
Delete your account: You can delete your account and all associated data (purchase history, email) at any time.
Request data export: Contact us to receive a copy of all data associated with your account or device ID.
Request deletion of specific results: If you checked content you would like removed from our database, contact us with the permalink or approximate time of the check.
Opt out of analytics: Use the extension without creating an account. In this mode, only an anonymous device ID is used.
Contact us: For any privacy concern, question, or complaint, email us at the address below. We respond within a reasonable timeframe.
8. GDPR Rights (EU/EEA Users)
If you are in the European Economic Area or United Kingdom, you have the following rights under the GDPR:
Access (Art. 15): request a copy of your data
Rectification (Art. 16): correct inaccurate data
Erasure (Art. 17): request deletion of your data and account
Portability (Art. 20): receive your data in a structured, machine-readable format
Object (Art. 21): object to processing based on legitimate interests
Withdraw consent (Art. 7): withdraw consent for processing based on consent
Lodge a complaint (Art. 77): you may lodge a complaint with your local data protection authority. A list of EU supervisory authorities is available at edpb.europa.eu.
Our lawful basis for processing is: (a) contract (Art. 6(1)(b)) for providing the fact-checking service you requested; (b) legitimate interests (Art. 6(1)(f)) for caching, abuse prevention, and service improvement; (c) consent (Art. 6(1)(a)) for account creation via OAuth. You may object to legitimate-interest processing at any time.
We do not engage in automated decision-making with legal or similarly significant effects (Art. 22). Fact-check verdicts are informational tools, not binding determinations.
9. California Privacy Rights (CCPA)
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
Right to know what personal information we collect, the categories of sources, and the business purpose.
Right to delete your personal information.
Right to opt out of the sale of your personal information. We do not sell personal information, and this right does not apply.
Right to non-discrimination: we will not discriminate against you for exercising these rights.
Categories of personal information we collect: identifiers (email, device ID), commercial information (purchase history), and internet activity (content you submit for checking).
To exercise these rights, email alex@bukhalov.com with subject 'CCPA request'. We will verify your identity before responding, within 45 days.
10. International Data Transfers
Fact Checker is operated from Serbia. If you access the service from the European Economic Area, United Kingdom, or other jurisdiction with data protection laws, your data (including check inputs, email if you have an account, and content hashes) will be transferred to and processed in Serbia and the United States (where our cloud infrastructure and third-party APIs are located).
Serbia's Law on Personal Data Protection (ZSLP) mirrors the GDPR. We rely on Standard Contractual Clauses (SCCs) with our service providers (Google, payment processors) for lawful international transfers, as approved by the European Commission. For transfers to US-based providers, we rely on the EU-US Data Privacy Framework where our providers are certified participants.
Transfers are made under the SCCs and EU-US Data Privacy Framework described above.
11. Children's Privacy
Fact Checker is not directed to children under 13 and we do not knowingly collect personal information from children under 13. The service is a general-audience productivity tool. If you are a parent or guardian and believe your child has provided us with personal information (e.g., by creating an account), please contact us at alex@bukhalov.com. We will delete such information promptly and take steps to prevent further collection.
We do not use age-gating or targeted advertising. Free checks require no account and no personal information beyond an anonymous device ID.
12. Data Security
All API communication between the extension, our backend, and third-party services uses HTTPS / TLS encryption.
Database access is restricted to authenticated services and requires valid credentials.
Admin endpoints require API key authentication and are not exposed publicly.
We do not sell, rent, or trade your data to any party.
We do not share your data with any party beyond the API calls listed in Section 4.
13. Changes to This Policy
We may update this Privacy Policy as the service evolves. Changes will be posted on this page with an updated effective date. Continued use of the Fact Checker extension after changes are posted constitutes acceptance of the revised policy. If we make material changes that reduce your rights, we will provide additional notice through the extension or by email where possible.
14. Governing Law
This Privacy Policy is governed by the laws of Serbia. Disputes will be resolved in the competent courts of Serbia. Nothing in this policy limits any statutory rights you may have under your local data protection laws, including the GDPR if you are in the EEA or UK.
15. Disclaimer
Fact Checker provides AI-assisted verdicts for informational purposes only. Verdicts are not definitive statements of truth and are not a substitute for professional judgment, journalistic standards, or legal, medical, or financial advice. Always verify critical claims through primary sources.
16. Contact
For general inquiries, support, or privacy-related requests: