한국어

Privacy Policy

Business Communication Assistant (BCA Assistant)

Last Updated: January 14, 2026

1. Overview

Business Communication Assistant (hereinafter "the Extension") prioritizes the protection of user privacy. This Privacy Policy explains the types of information the Extension collects, how it is used, and how it is protected.

2. Information We Collect

2.1 Information You Provide

Information Type Description Storage Location
API Keys API keys you enter for AI services (Google Gemini, OpenAI, Anthropic Claude) Browser local storage on your device (chrome.storage.local)
Input Text Text you input for tone conversion or translation Temporarily processed; not stored

2.2 Automatically Collected Information

Information Type Description Storage Location
User Settings Selected AI provider, model, language settings, and other preferences Browser local storage on your device
Usage Statistics Daily API call count (for cost estimation) Browser local storage on your device
Execution Logs Feature execution records (limited to most recent 1,000 entries) Browser local storage on your device

3. How We Use Information

Collected information is used only for the following purposes:

  1. Core Functionality: Providing text tone conversion and translation services
  2. Settings Persistence: Saving and restoring user preferences
  3. Usage Monitoring: Helping users track their own API usage and costs

4. Data Storage and Security

4.1 Local Storage

All data is stored only on your device.
  • The Extension does not operate its own servers and does not transmit or store user data on external servers.
  • Data is stored only on your local device through Chrome browser's chrome.storage.local API.

4.2 API Key Security

  • Your API keys are stored in encrypted form using AES-GCM 256-bit encryption.
  • Encryption keys are derived through PBKDF2 (Password-Based Key Derivation Function 2).
  • Plain-text API keys are immediately discarded from memory after processing.

4.3 Data Transmission

  • Text you input is transmitted only to the API endpoints of the AI provider you select (Google, OpenAI, or Anthropic) for AI processing.
  • The Extension developer cannot access this data.
  • All transmitted data is encrypted via HTTPS.

5. Third-Party Services

The Extension integrates with the following third-party AI services:

Service Provider Privacy Policy
Gemini API Google Google Privacy Policy
OpenAI API OpenAI OpenAI Privacy Policy
Claude API Anthropic Anthropic Privacy Policy
Important: Data transmitted to each AI provider's API is processed according to that provider's privacy policy. Users should review each provider's policy before using their services.

6. Your Rights

6.1 Data Access and Deletion

You can manage your data in the following ways:

  • View/Change Settings: Check and modify saved settings in the Extension's settings page
  • Delete Data: Delete all stored data through browser settings or by removing the Extension
  • Delete API Keys: Save empty values for API keys in the settings page to delete them

6.2 Extension Removal

Removing the Extension automatically deletes all related data stored in the browser's local storage.

7. Permission Usage

The purposes of browser permissions requested by the Extension are as follows:

Permission Purpose
storage Store user settings and API keys locally
clipboardRead Read text from clipboard for tone conversion/translation
clipboardWrite Copy conversion/translation results to clipboard
activeTab Process selected text on the current webpage
scripting Support text selection and replacement within webpages
notifications Display processing completion notifications
alarms Heartbeat mechanism for Service Worker stability

8. Children's Privacy

The Extension is not intended for children under 13 years of age and does not intentionally collect personal information from children.

9. Changes to Privacy Policy

This Privacy Policy may be updated as needed. Significant changes will be communicated through Extension update notes. Updated policies take effect from the date posted on this page.

10. Contact

If you have questions or concerns about this Privacy Policy, please contact us:

11. Summary

Server Storage None (all data stored locally only)
Personal Data Collection None (no collection of names, emails, or other PII)
Data Sales None
API Key Protection AES-GCM 256-bit encryption
User Data Control Full local control