← Back to PactScan
Privacy Policy
TL;DR — PactScan analyses vendor agreements using your own Gemini API key (BYOK), called directly from your browser. The agreement and your key stay on your device. Nothing routes through a PixelForgeHub server. No accounts, no tracking.
1. What we collect
- Nothing on our servers. The agreement you scan, the resulting report, your Gemini key, and your settings all stay inside the extension on your device (
chrome.storage.local). - No analytics, no accounts, no cookies. The extension does not phone home.
2. What we never do
- We never receive, store, or forward your contracts — there is no PixelForgeHub server in the analysis path.
- We never train AI models on your data. The analysis request goes directly from your browser to Google's Gemini API under your own API key's terms.
- We never sell, share, or rent user data, and we run no third-party trackers.
3. Data flow
| Event | Sent | Where | Retention |
|---|---|---|---|
| Scan a document | The agreement text / PDF | Your browser → Google Gemini API (direct, your key) | Not stored by us |
| Report + history | The generated report | Stays in your browser (last 20) | Until you clear it |
| Gemini API key | Your key | Local extension storage on your device | Until you clear it / remove the extension |
| Pro license | License-key string only | Lemon Squeezy (validation) | Per Lemon Squeezy |
Requests made under your Gemini key are governed by Google's Gemini API terms and privacy policy, between you and Google.
4. Permissions, and why
sidePanel— the entire UI runs in Chrome's side panel.storage— to save your key, license, settings, and report history locally.downloads— to save the compliance report you export.- Host
api.lemonsqueezy.com— solely to validate your Pro license key.
PactScan requests no access to the pages you browse, runs no content scripts, and does no scraping.
5. Your rights (GDPR + India DPDP)
- We hold no personal data about you on any server, so there is nothing for us to export or delete on our side.
- To erase everything locally, remove the extension from Chrome (Manage Extensions → Remove).
- Questions? Email yogesh@pixelforgehub.pro.
6. Subprocessors
- Google Gemini API — document analysis, called directly from your browser with your own key · privacy
- Lemon Squeezy — Pro license validation (license-key string only) · privacy
- Vercel — hosting for this marketing/privacy page only (no contract data passes through it) · privacy
7. Disclaimer
PactScan flags procurement risks in vendor agreements for human review and does not provide legal advice. For agreements above $25,000 in value or with unusual terms, have your legal or procurement team review before signing.
8. Contact
Email yogesh@pixelforgehub.pro. We respond within 24 hours IST.