Privacy Policy

GrannySafe is built to protect people, not exploit their data. This policy explains exactly what information we collect, how we use it, and the choices you have.

Last updated: March 15, 2026

Who We Are

GrannySafe is a Chrome browser extension that helps protect elderly users from online scams by analyzing webpage content in real time. The extension and website are operated at grannysafe.io. When we say "GrannySafe," "we," "us," or "our" in this policy, we mean the team behind the GrannySafe extension and website.

What the Extension Collects

Page content sent for analysis

When you visit a webpage, GrannySafe extracts the visible text content of that page and sends it to our backend API for analysis. This text is processed by an AI model (powered by Anthropic's Claude API) to determine whether the page exhibits characteristics of known scam patterns. The analysis returns a risk score and safety assessment — nothing more.

The page text is used solely for the purpose of scam detection. It is not stored permanently on our servers, is not indexed, and is not used to build profiles about you or your browsing habits.

What we do NOT collect

Browsing history: GrannySafe does not record, store, or transmit your browsing history. We do not know which sites you visit unless a page is actively being analyzed.
Personal information: We do not collect your name, email address, physical address, or any personally identifiable information through the extension.
Passwords or form data: The extension never accesses, reads, or transmits passwords, credit card numbers, or any data you enter into forms.
Keystrokes: GrannySafe does not log keystrokes or monitor your input in any way.

Local storage

The extension uses chrome.storage.local (your browser's local storage) to cache analysis results so that pages you revisit do not need to be re-analyzed. This data stays on your device and is never transmitted to us. Cached results expire automatically after 24 hours. You can clear this data at any time by uninstalling the extension or clearing your browser data.

The extension also stores your preferences locally, such as whitelisted domains and protection mode settings. These never leave your device.

What the Website Collects

Contact form submissions

If you contact us through any form on grannysafe.io, we collect the information you voluntarily provide — typically your email address and message content. We use this solely to respond to your inquiry and do not add you to marketing lists unless you explicitly opt in.

Analytics

We may use privacy-respecting analytics to understand how visitors use our website (pages visited, time on page, referral source). These analytics do not track individual users across websites and do not use persistent identifiers. No analytics data from the website is connected to your extension usage.

Cookies

The grannysafe.io website uses minimal cookies. We do not use advertising cookies, tracking pixels, or retargeting tools. Any cookies present are strictly functional — for example, to remember if you have dismissed a notification. The GrannySafe extension itself does not set or read cookies on any website you visit.

Third-Party Services

Page text sent for analysis is processed using Anthropic's Claude API. Anthropic acts as a data processor on our behalf. Under Anthropic's data usage policy, API inputs are not used to train their models. No other third-party services receive your page content or personal data through the extension.

We do not sell, rent, license, or share your personal information with third parties for their own marketing or commercial purposes. Period.

Data Retention

Page text sent for analysis: Processed in real time and not stored on our servers after the analysis response is returned.
Cached results on your device: Automatically expire after 24 hours. You can delete them at any time.
Contact form submissions: Retained for as long as needed to resolve your inquiry, then deleted within 90 days unless ongoing communication requires otherwise.
Analytics data: Aggregated and anonymized. No individual-level data is retained beyond 26 months.

Data Security

All communication between the extension and our backend API is encrypted using TLS (HTTPS). We apply industry-standard security practices to our infrastructure, including regular security reviews and access controls. While no system is perfectly immune to every threat, we treat your data with the seriousness it deserves.

Your Rights Under GDPR

If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights regarding your personal data:

Access: You can request a copy of any personal data we hold about you.
Rectification: You can ask us to correct inaccurate data.
Erasure: You can ask us to delete your data (right to be forgotten).
Restriction: You can ask us to limit how we process your data.
Portability: You can request your data in a structured, machine-readable format.
Objection: You can object to data processing based on legitimate interests.

Because GrannySafe collects minimal personal data by design, many of these requests may be straightforward — in most cases, we simply do not have data to provide or delete. To exercise any of these rights, email us at support@grannysafe.io.

Our legal basis for processing page text is legitimate interest — specifically, the interest of protecting users from fraudulent and harmful web content. For contact form data, our basis is consent (you choose to contact us).

California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act gives you specific rights:

Right to know: You can request what personal information we collect and how we use it. This policy is our primary disclosure.
Right to delete: You can request deletion of personal information we have collected from you.
Right to opt out of sale: We do not sell personal information. We have never sold personal information. There is nothing to opt out of.
Non-discrimination: We will not treat you differently for exercising your privacy rights.

To make a CCPA request, contact us at support@grannysafe.io.

Children's Privacy

GrannySafe is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. The extension is designed for use by adults, particularly elderly users and their family members. If you believe a child has provided us with personal data, contact us immediately at support@grannysafe.io and we will delete it.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for legal and regulatory reasons. When we make meaningful changes, we will update the "Last updated" date at the top of this page. For significant changes, we may also notify users through the extension or via email if we have your contact information.

Contact Us

If you have questions about this privacy policy, want to exercise your data rights, or have concerns about how GrannySafe handles your information, reach out to us:

Email: support@grannysafe.io

We respond to all privacy-related inquiries within 30 days.