Privacy
Privacy policy
Last updated: June 5, 2026
This policy explains what data Main AI collects, why we collect it, how we protect it, and what controls you have over it.
📄
Document handling
Uploaded files are processed server-side to extract text, classify document type, generate findings, and populate your dashboard. Documents are not stored permanently after analysis unless you explicitly save them.
◎
Account data
We process your email address, plan status, authentication tokens, and workspace activity to operate the product, manage billing, and provide support.
AI
AI processing
Document text may be sent to third-party AI providers (Anthropic Claude, DeepSeek) solely to generate your analysis. We do not share your content for their training purposes.
🔒
Security
All data is transmitted over encrypted connections (HTTPS/TLS). Firebase Auth manages authentication tokens. S3 storage uses server-side encryption. We apply reasonable technical safeguards throughout.
↺
Retention
Analysis history, report exports, and workspace data are retained to power your document library. You may request deletion at any time by contacting us at mainaihelp@gmail.com.
✓
Your rights
Depending on your location, you may have rights to access, correct, delete, or export your data. Contact us to exercise any of these rights — we will respond promptly.
✦Main AI is not designed for processing highly regulated sensitive data (HIPAA, PCI-DSS, etc.) unless agreed in writing. Please do not upload documents containing full financial account numbers, SSNs, or similarly sensitive identifiers without understanding the risk.
Data we collect
- Email address and authentication credentials (via Firebase Auth)
- Uploaded document text (extracted during analysis, not stored as raw files)
- Plan and billing status (via Stripe — we do not store card details)
- Usage signals such as document types analyzed, features used, and session activity
- Support communications if you contact us
- Browser extension (if installed): page text you choose to analyze, source URL and page title of analyzed pages, your extension authentication session (stored locally in your browser only)
Browser extension
The Main AI browser extension adds document analysis directly to your browser. Here is exactly what it does and does not do:
- Page reading — on demand only. The extension reads the text content of a page only when you explicitly click "Analyze this page" in the extension popup or right-click and choose an analyze option. It does not read pages automatically or in the background.
- Sign Intercept — e-signature platforms only. On supported e-signature platforms (DocuSign, HelloSign, Adobe Sign, PandaDoc, SignNow, Ironclad), the extension injects a "Review with Main AI" button near the sign button. No page content is read until you click that button.
- What is sent to your dashboard. When you trigger analysis, the visible text of the page is extracted and sent to your signed-in Main AI account for analysis. The source URL and page title are also recorded so you know where the document came from.
- What is never sent. Passwords, payment card numbers, form field values, cookies, and browser history are never read or transmitted. The extension only reads visible page text.
- Authentication. The extension authenticates using your Main AI account (Firebase Auth). Your session is stored locally in
chrome.storage.local and is namespaced to your user ID. Signing out wipes all locally stored extension data immediately.
- Cross-user isolation. All extension storage keys are namespaced by user ID. A different user signing in on the same browser cannot access the previous user's data. Signing out triggers a full
chrome.storage.local.clear().
- No persistent background activity. The extension does not run continuously in the background, does not track your browsing history, and does not send data to Main AI unless you explicitly trigger an analysis.
- Local storage only. Recent analysis history displayed in the extension popup is stored locally in
chrome.storage.local and never leaves your browser independently of an analysis action.
Third-party services
Main AI's document intelligence — the risk engine, the clause-by-clause analysis, and the ongoing watch over every contract you've uploaded — is built and owned by Main AI. To deliver it as a reliable web service, we rely on a small set of established infrastructure providers, the same building blocks used across most modern software:
- Anthropic & DeepSeek — large language models we send document text to so our engine can generate analysis. Your content is never used to train their models.
- Firebase (Google) — sign-in and account database
- AWS S3 — encrypted document and asset storage
- Stripe — payment processing (no card data touches our servers)
- Netlify — hosting and serverless functions
These providers handle storage, delivery, and raw model access — they don't make the judgments. The analysis, the cost math, and the recommendations are Main AI's own. Each provider operates under its own privacy policy and processes data only as needed to deliver the service.
Contact for privacy matters
For access requests, deletion, correction, or any privacy concern: mainaihelp@gmail.com