CRITH AIWe built CRITH to audit AI for you, not to harvest your data. This policy explains exactly what we collect, how we use it, and what we never do.
Your email address, full name if provided, and an encrypted password that is never stored in plain text. If you sign in with Google, we store your OAuth token.
When you receive an AI response on a supported platform, the response text (and the prompt that produced it, when needed for context) is sent from the extension to our backend at api.crith.app for analysis only. We use Anthropic's Claude models to detect hallucinations, unjustified assumptions, unsupported claims and missing context. The response text, the audit findings, the platform used and timestamps are stored in our database (Supabase) so you can review your audit history. We never sell this data and we never use it to train AI models. You can delete all of your data at any time from your account settings.
We collect your IP address, browser type and version, device type and operating system, session duration, and the version of the CRITH extension you are running.
We track how often you use CRITH, which AI platforms you use it on, and your session frequency and patterns to improve the product experience.
We never collect your browsing history outside of supported AI platforms, any content from pages you visit that are not AI platforms, or audio or screen recordings. We also never collect credit card or payment information directly. We use Stripe for payments and never see your full card details. We collect no data from outside the moments when CRITH is actively auditing an AI response.
Your data is used to audit AI responses for hallucinations, unsupported claims and missing context, sync your audit history across devices when logged in, improve our audit accuracy, send account confirmation and product update emails, analyze usage patterns to improve the product, and prevent abuse and enforce rate limits.
We never sell your data to third parties. We never use your prompts to train AI models. We never share your data with advertisers. We never share individual user data with any third party except as required by law.
Supabase handles our database and authentication storage. Google OAuth is available if you choose to sign in with Google. Anthropic API classifies your prompts. Prompts are sent to Anthropic for classification but are not stored by Anthropic beyond their standard API terms. Stripe processes payments for Pro subscriptions. We never see or store your full card details. Vercel hosts and deploys the CRITH website.
Your account data is kept as long as your account is active. You can delete your account at any time from your account settings. All associated data including prompts and scores is permanently deleted within 30 days of account deletion. We may retain anonymized aggregate data that cannot be linked back to you.
All data is encrypted in transit via HTTPS. It is stored in Supabase with row-level security, which means only you can access your own data. Passwords are never stored in plain text. We will notify you by email within 72 hours if we become aware of a data breach affecting your account.
The CRITH Chrome extension requests only the permissions needed for it to function.
Used to detect when an AI response appears on an AI platform you are currently viewing.
Used to save your session, settings and audit history locally in your browser.
Used to show the CRITH audit card directly on supported AI platforms.
Used to read AI responses and inject the CRITH audit card on these specific sites only. The extension does not run on any other website.
CRITH is not intended for users under 13. We do not knowingly collect data from anyone under 13. If you believe a child under 13 has created an account, contact us and we will delete it immediately.
You have the right to access all data we hold about you, correct any inaccurate data, delete your account and all associated data, export your data in a readable format, and opt out of product update emails at any time. For European users, all GDPR rights apply.
We will notify you by email if we make any significant changes to this policy. Continued use of CRITH after changes means you accept the updated policy.
For any privacy questions or data requests, email us at team@crith.app