MenuCraft Ultra 隐私政策

最近更新日期：2026年2月25日

MenuCraft Ultra（以下简称“本插件”或“我们”）深知隐私对您的重要性。本隐私政策旨在完整、清晰地说明我们在您使用本浏览器插件、关联扩展程序以及支付服务网站时，如何收集、使用、存储和保护您的数据。

1. 信息的收集

为了向您提供核心的智能上下文菜单、侧边栏 AI 对话及高级服务，我们仅收集实现功能所必需的数据：

• 账户信息：如果您选择登录或购买 Pro 服务，我们会收集您的电子邮箱地址。这作为您的身份凭证，用于发放对应的高级呼叫配额。
• 用户设置与配置：我们会在浏览器本地或云端同步保存您的偏好设置（例如语言选择、自定义 Prompt 规则、您本人添加的外部 API Key 等）。
• 提示词载荷（Prompt Payload）：当您主动选中网页文本并调用 AI，或在侧边栏输入指令时，相关的会话文本将被收集发送以换取 AI 的处理反馈。

重要声明：本插件绝不会在后台监控您的上网行为，绝不会上传您的全局浏览历史记录。内容提取仅发生在您明确、主动触发插件功能的特定时刻。

2. 信息的处理与使用

我们收集的信息严格限于以下目的：

• 提供和优化插件的核心工具链与 AI 对话功能。
• 验证用户身份，确保 Pro 权益及调用额度的准确分配。
• 跨设备同步您的自定义配置。
• 为客户售后支持提供依据。

3. 信息的共享与外部服务

我们采取了所有必要措施限制数据传播，仅在功能必需的极小范围内进行共享：

• AI 核心提供商：您向 AI 发送的具体指令与上下文，将通过安全连接即刻转发至我们合作的顶级大语言模型提供方（如 Google Gemini、OpenAI、Anthropic 等）。这些业界标准提供方依据其 B2B 级别隐私协议，均承诺不利用 API 数据进行长期自我模型训练。
• 鉴权与支付：所有的信用卡与支付操作均在外部最高安全标准的网关（PayPal / Stripe）独立完成，我们无权且不会触碰、收集或存储任何财务敏感信息（如信用卡全号）。基础的账号状态鉴定由经过 SOC2 认证的云数据库服务商 (Supabase) 承载。

我们的底线：在任何阶段、任何情况下，我们都不会向第三方“出售、出租、交易或分享”您的个人数据以供营销或广告活动使用。

4. 数据的保留与删除

• 本地控制：您可以通过浏览器扩展设置或卸载插件，物理抹除全部驻留在前端的本地缓存配置与缓存。
• 云端删除：若您需要彻底注销您的邮箱身份、取消所有当前及后续的云端状态，您可以通过下方邮件渠道直接要求我们对数据库执行针对您数据的不可逆删除。

5. 数据安全

扩展程序发出的所有外部请求及其后端业务响应通信，全程遵循最严格的 HTTPS TSL/SSL 通道加密规范，以防遭受任何第三方的网络层监听或阻断篡改。

6. 联系我们

如对隐私操作、您的权利有疑问，或发现合规漏洞，请随时与我们沟通：

联系信箱： eugeniapatton24@gmail.com

Privacy Policy for MenuCraft Ultra

Last Updated: February 25, 2026

MenuCraft Ultra ("the Extension", "we", or "us") respects your privacy implicitly. This Privacy Policy comprehensively covers how we collect, use, store, and protect your data across our browser extension, API touchpoints, and billing service website.

1. Information Collection

To deliver core capabilities like the intelligent context menu, sidebar AI chat, and Pro-tier services, we exclusively collect the fundamental minimum data needed:

• Account Information: If you elect to log in or purchase Pro credits, we gather your email address. This functions purely as your unique credential ensuring premium call quotas are assigned to your identity.
• Initial Configuration & Settings: We store your operational preferences locally or sync them via cloud (e.g., language selection, customized context prompts, or custom external API keys you inject yourself).
• Prompt Payloads: Actively highlighting page text, triggering an AI context lookup, or engaging the sidebar dialogue inherently passes associated text excerpts out so an AI processing response can be formulated.

Critical Declaration: The Extension DOES NOT covertly monitor your general web browsing behind the scenes, nor does it upload your global browsing history. Text extraction exclusively initiates only upon your deliberate, explicit invocation of the Extension's features.

2. Information Processing and Purpose

Information handling is strictly locked to serving these purposes:

• Facilitating and optimizing the operational core of the toolsets and AI conversational functionality.
• Verifying user validation status, guaranteeing accurate Pro benefit distributions.
• Synchronizing personalized settings seamlessly across your owned devices.
• Resolving after-sales customer support requirements.

3. Data Sharing and Third-Party Sub-Processors

We institute stringent dissemination barriers, restricting data sharing exclusively to operationally mandatory nodes:

• Foundational AI Providers: Explicit commands and contextual snippets you initiate are dynamically relayed over secure transit to industry-leading Language Model providers (like Google Gemini, OpenAI, Anthropic). Bound by B2B-grade API privacy pledges, these infrastructure partners firmly commit to excluding such API data payloads from enduring generalized model training regimens.
• Authentication & Payment Gateways: Absolute processing of credit cards and transactions execute purely encapsulated within premier remote gateways (PayPal / Stripe). We possess no clearance, access, or mechanism to touch or warehouse sensitive financial data (like raw credit card integers). Fundamental identity state coordination leans upon SOC2-compliant cloud database infrastructure (Supabase).

Our Hard Rule: Under no phase, timeframe, or circumstance do we "sell, rent, aggregate-trade, or share" your specific personal data vectors to secondary markets or external marketing apparatuses.

4. Retention and Right to Deletion

• Local Governance: Reset functionality or outright Extension uninstallation empowers you to eradicate all persistently cached settings and histories domiciled directly within your browser runtime environments.
• Cloud Sovereignty Wipe: Should you demand comprehensive closure of your email-bound identity, severing current allocations and erasing centralized settings configurations, please trigger a directive to the contact channel below forcing an irreversible structured delete upon our databases concerning your footprint.

5. Security Vectors

End-to-end transmissions exiting the extension pushing to external endpoints strictly lock onto mandatory HTTPS TLS/SSL protective encryption, comprehensively mitigating vector man-in-the-middle data surveillance vulnerabilities.

6. Reach Us

For questions targeting privacy mechanics, inquiries enforcing your data prerogatives, or to flag oversight potentials, connect directly:

Contact Mailbox: eugeniapatton24@gmail.com