The one thing you need to know
We never receive, store, log, or transmit the contents of your prompts. All DLP scanning happens locally inside your browser. The Endon AI extension intercepts outbound requests to AI providers, runs detection on the device, and then allows, redacts, or blocks each request before it leaves the machine.
What we do collect
The backend at web-production-58775.up.railway.app only stores:
- Account data — your email, full name, organization name, hashed password (managed by Supabase Auth).
- Telemetry events — counts and categories of detected items (e.g. "1 API_KEY blocked at 14:02"), but never the secret itself.
- Policy configuration — the rules your admin sets in the dashboard.
- Audit logs — admin actions (login, policy changes, invitations) for compliance.
- Billing metadata — Stripe customer ID, subscription status. Card numbers are stored by Stripe, never by us.
Where data lives
- Database: Neon (Postgres), region of your choice (default: EU).
- Authentication: Supabase Auth.
- Hosting: Railway (US-East by default; EU available on request).
- Billing: Stripe.
- Email: SendGrid / Resend (only for invitations, password resets).
POPIA compliance (South Africa)
Endon AI is built to align with the Protection of Personal Information Act (POPIA, Act 4 of 2013):
- Section 11 — consent: admins record explicit consent for monitoring; users can withdraw at any time.
- Section 14 — retention: configurable per tenant; default 90 days, max 7 years.
- Section 19 — security safeguards: TLS in transit, AES-256 at rest, scoped tenant isolation.
- Section 23 — DSARs: Data Subject Access Requests are answered within 30 days via the admin dashboard.
- Section 72 — cross-border: every transfer to a US/EU AI provider is logged for the tenant.
Your rights
- Access — request a copy of all data we hold about you.
- Correction — fix anything that's wrong.
- Deletion — delete your account and we purge within 30 days.
- Portability — export your data as JSON.
- Object — opt out of any optional telemetry.
Email privacy@endonai.com to exercise any of these.
Browser permissions explained
The extension requests:
- storage — to remember your policy locally between page loads.
- alarms — to refresh policy from the backend on schedule.
- scripting — to inject the DLP scanner into AI tool pages.
- host_permissions on AI tool domains — to read and rewrite outbound requests there.
No other browsing activity is read or transmitted.
Cookies
The marketing site (endonai.com) uses one essential cookie for session continuity. No third-party trackers, no analytics that personally identify you.
Contact us
Questions about this policy? Email privacy@endonai.com.