By creating an account or using the ProtectedAI service, you agree to be bound by these Terms of Service ("Terms") and our Privacy Policy. If you do not agree to these Terms, do not use the service.
These Terms constitute a legally binding agreement between you and ProtectedAI ("we", "us", "our").
ProtectedAI provides a Chrome browser extension and associated backend services that detect and anonymize sensitive information in text before it is submitted to third-party AI platforms such as ChatGPT, Claude, and Gemini.
By default, text submitted for anonymization is processed in memory and discarded immediately — only detection metadata (entity types, counts, platform) is logged. Your organization's administrator may enable higher audit logging levels that store anonymized or original text for compliance purposes. See Section 5 for details and our Privacy Policy for full data handling disclosures.
To use ProtectedAI, you must:
The service is available for both personal and commercial use. You are responsible for complying with all laws and regulations applicable to your use of the service in your jurisdiction.
admin / member), and centralized settings.admin role.Feature availability depends on your subscription plan. See our pricing page for a detailed comparison of plan features.
Business account administrators have access to configuration and monitoring features that affect all team members. By enabling these features, administrators accept responsibility for their use in compliance with applicable laws and organizational policies.
Administrators configure an audit logging level that determines what data is captured when team members use the anonymization service:
| Level | Name | What is captured | Available on |
|---|---|---|---|
| 0 | Off | Nothing — no audit record is created | All plans |
| 1 | Metadata only | Entity types, counts, platform, severity, risk score. No text. | Team and above |
| 2 | Redacted context | Level 1 data plus anonymized text and entity map (no original values) | Pro and above |
| 3 | Full content | Level 2 data plus the original text submitted by the user | Enterprise only |
The default level is 1 (Metadata only). Retention periods are determined by plan: 90 days (Team), 180 days (Pro), or 365 days (Enterprise). After expiry, audit records and associated payload files are automatically deleted. See our Privacy Policy Section 2.3 for full details on data handling and encryption.
When enabled, the extension reports which supported AI platforms team members visit and when. This data is presented in the Shadow AI dashboard, giving administrators visibility into which AI tools the team uses. Key details:
See our Privacy Policy Section 2.4 for full details.
On Pro and Enterprise plans, administrators can enable DLP controls that restrict certain user actions on AI platforms at the browser level:
These controls are configured per platform by the administrator. When active, team members may be unable to share conversations or upload files on the affected platforms. The extension enforces these restrictions locally in the browser.
Administrators can create custom detection patterns (regex-based) that are applied to all team members' text during anonymization. These patterns extend the built-in entity detection with organization-specific rules (e.g., internal project codes, custom identifiers).
When you register, you agree to:
You are responsible for all activity that occurs under your account. ProtectedAI is not liable for any loss or damage arising from your failure to maintain the security of your credentials.
You agree not to:
THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT.
Specifically, ProtectedAI does not warrant that:
You are responsible for reviewing the anonymized text before submitting it to any AI platform. ProtectedAI is not liable for sensitive information that the anonymization engine fails to detect.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PROTECTEDAI SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, GOODWILL, OR OTHER INTANGIBLE LOSSES.
IN NO EVENT SHALL PROTECTEDAI'S TOTAL LIABILITY EXCEED THE AMOUNTS PAID BY YOU IN THE TWELVE (12) MONTHS PRECEDING THE EVENT GIVING RISE TO THE CLAIM, OR USD $100.00 IF NO SUCH PAYMENTS HAVE BEEN MADE.
HIPAA Notice
ProtectedAI has not entered into a Business Associate Agreement (BAA) and does not currently operate as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA). No BAA is available at this time.
You must not use ProtectedAI to process Protected Health Information (PHI) as defined under HIPAA without a valid, executed BAA with ProtectedAI.
Users in regulated industries — including healthcare, finance, and legal services — are solely responsible for evaluating whether their use of this service complies with all applicable regulations before using it. ProtectedAI makes no representations regarding compliance with HIPAA, HITECH, PCI-DSS, or any other sector-specific framework. ProtectedAI assumes no liability for regulatory non-compliance resulting from a user's decision to use this service.
The service, including its software, algorithms, design, trademarks, and all related technology, is the exclusive property of ProtectedAI. These Terms do not grant you any ownership rights in the service. You receive a limited, non-exclusive, non-transferable license to use the service as permitted by these Terms.
You retain all rights to the content you process through the service. By using the service, you grant ProtectedAI a limited license to process your content solely to provide the anonymization service. At the default audit logging level (Level 1), this license is temporary and ends upon processing. When your organization's administrator enables Level 2 or Level 3 audit logging, this license extends for the duration of the configured retention period (90–365 days by plan) to permit storage of anonymized or original text for compliance and audit purposes. After the retention period, stored content is automatically deleted and the license terminates.
ProtectedAI acts in different data processing capacities depending on the context:
Enterprise customers who require a Data Processing Agreement (DPA) to formalize this relationship may contact us at support@protectedai.io.
You may delete your account at any time through your account settings or by contacting support@protectedai.io. When you request deletion, your account enters a 30-day grace period during which you can cancel the request. After 30 days, your account is permanently anonymized and all personal data is removed. See our Privacy Policy Section 8 for full details on the deletion process.
ProtectedAI reserves the right to suspend or terminate your account, with or without prior notice, if:
Serious violations — including illegal activity or unauthorized access to other users' data — may result in immediate termination without notice.
ProtectedAI reserves the right to modify these Terms at any time. We will notify you by email at least 30 days before material changes take effect. Continued use of the service after the effective date constitutes acceptance of the updated Terms.
These Terms are governed by the laws of Colombia. Any dispute arising from or relating to these Terms or the use of the service will be submitted to the competent courts of Colombia.