Privacy Policy

Last Updated: August 19, 2025

This Privacy Policy describes how Updoot ("Updoot", "we", "us", or "our"), operating CheatCode, collects, uses, and protects your information when you use our website at cheatcode.fun ("Website", "Platform"), browser extension ("Extension"), and associated services.

Introduction and Scope

This policy applies to:

  • The CheatCode website (cheatcode.fun)
  • The CheatCode browser extension
  • Account management and authentication services
  • API services supporting the CheatCode browser extension
  • Payment and subscription management
  • Customer support interactions

By using our services, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Information You Provide

  • Account Information: Email address, username, and profile information
  • Payment Information: Processed securely through Stripe (we do not store credit card details)
  • User Content: Text selections, questions, and chat messages for AI assistance
  • Screenshots: Visual captures you choose to attach (stored temporarily for 24 hours)

Information Collected Automatically

  • Usage Data: Features used, interaction patterns, and performance metrics
  • Technical Information: Browser type, extension version, and error logs
  • Authentication Tokens: JWT tokens for secure session management
  • Local Preferences: Settings stored in Chrome storage

Information We Do NOT Collect

  • ❌ Browsing history or general web activity
  • ❌ Personal files on your computer
  • ❌ Passwords or sensitive form data from websites
  • ❌ API keys (remain on servers only)

How We Use Your Information

To Provide Services

  • Process educational queries through our hybrid AI system
  • Maintain chat history and learning progress
  • Provide personalized AI responses
  • Manage your account and subscription

To Improve Our Service

  • Analyze usage patterns to optimize AI routing
  • Debug technical issues and improve performance
  • Develop new features based on aggregated data
  • Ensure system security and prevent abuse

AI Processing and Privacy

Hybrid AI Architecture

  • On-Device Processing: Simple queries processed locally using Gemini Nano for maximum privacy
  • Cloud Processing: Complex queries sent to cloud AI with your explicit consent
  • Smart Routing: Automatic routing based on query complexity and privacy preferences
  • No Training on Your Data: Your personal data is never used to train AI models

Data Security

Technical Measures

  • TLS/HTTPS encryption for data in transit
  • AES-256 for sensitive data at rest
  • Role-based access controls
  • SOC 2 compliant infrastructure

Storage Practices

  • Screenshots deleted after 24 hours
  • Chat history auto-cleanup after 30 days
  • Secure US-based servers
  • Regular security audits

Your Rights and Controls

Access and Export

View and download all your personal data

Delete Your Data

Request complete deletion of your account and data

Privacy Settings

Choose between local and cloud AI processing

Communication Preferences

Control which emails and notifications you receive

Data Sharing

We Never:

  • ❌ Sell your personal information to third parties
  • ❌ Share individual usage data with educational institutions
  • ❌ Use your content for advertising purposes
  • ❌ Allow third parties to track you through our extension

We Share Data Only With:

  • Stripe: For secure payment processing
  • OpenRouter: For cloud AI processing (query content only)
  • Infrastructure Providers: SOC 2 compliant hosting services
  • Legal Requirements: When required by law or court order

Cookies and Tracking

Essential Cookies

Required for authentication, security, and preferences

Analytics (Optional)

Anonymous usage analytics with your consent

Jurisdiction-Specific Rights

California (CCPA/CPRA)

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out (we don't sell data)
  • Non-discrimination for exercising privacy rights

European Union (GDPR)

  • Right to access and data portability
  • Right to rectification and erasure
  • Right to restrict processing
  • Right to lodge complaints with supervisory authorities

Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child, please contact us immediately.

Contact Us

Privacy Inquiries:privacy@cheatcode.fun
Data Protection Officer:dpo@cheatcode.fun

Updates to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes through extension update notes, email notifications, or prominent notices in the extension interface. Continued use after updates constitutes acceptance of the revised policy.

This Privacy Policy is effective as of August 19, 2025.
CheatCode is a product of Updoot.
We are committed to protecting your privacy and earning your trust through transparent data practices.