Privacy Policy

When you use HumanWroteThis, we may collect:

• Email address — if you create an account, used only for authentication and account-related communication.
• Display name and username — shown publicly on certificates you choose to make public.
• Content you type — stored as part of your certificate. Public certificates are visible to anyone with the code. Private certificates are visible only to you.
• Certificate metadata — character count, word count, date, and visibility setting.
• Authentication session data — stored locally in your browser or, in the Chrome extension, in Chrome's local extension storage.

We do not collect payment information, precise location, or any data beyond what's listed above.

We use your data to operate the service — to store certificates, authenticate your account, and display your name on certificates you've authored. We use anonymized analytics data to understand how the product is used and improve it. We do not use your content to train AI models, sell it to third parties, or use it for advertising.

Public certificates are accessible to anyone who has the certificate code. The content, metadata, and author name (if you're logged in) are all visible.

Private certificates store your content but do not display it to anyone except you when logged in. Others can confirm a code exists but cannot read the content.

Anonymous certificates (created without an account) are always public and have no author attached.

Your data is stored using Supabase, a hosted database service. Data is stored on servers in the United States. Supabase's own privacy policy governs their handling of infrastructure-level data.

We use Google Analytics 4 to understand how the service is used in aggregate — pages visited, session duration, and approximate location derived from IP address. This data is anonymized and used only to improve the product. We do not use it for advertising. You can opt out via Google's opt-out tool.

We use browser local storage to maintain your login session. We do not use advertising cookies. Google Analytics 4 and Google Sign-In may set cookies from Google's domains. No other third-party tracking is in use.

You can delete your account and all associated data at any time by emailing us. You can make any public certificate private (or vice versa) from your dashboard. If you created an anonymous certificate and want it removed, contact us with the code.

HumanWroteThis is not directed at children under 13. We do not knowingly collect data from anyone under 13.

If we materially change how we handle your data, we'll update the date at the top of this page. Continued use of the service constitutes acceptance.