Privacy Policy

1. Introduction

Welcome to BiasChecker.ai ("we", "us", or "our"). We respect your privacy and are committed to being transparent about our data practices.

This privacy policy explains how we collect, use, and protect your information when you use our website, Chrome extension, and related services, in compliance with the General Data Protection Regulation (GDPR), the UK GDPR, and other applicable data protection laws.

Data controller. The controller responsible for your personal data is Tautech BV (KvK no. 83747311), Salland 1, 1948 RE Beverwijk, the Netherlands. For any privacy question or to exercise your rights, contact us at contact@biaschecker.ai.

BiasChecker.ai is an AI-powered media analysis utility. How we handle the content you analyse depends on how you submit it (see Section 2.2). In summary: to produce an analysis, the text you submit is sent to third-party AI providers and passes through our servers; for web page analyses we retain numerical metrics and positional anchors rather than the article text, whereas text you paste or type directly is stored, together with its analysis, in your private account area so you can revisit, manage, and delete it.

2. Information We Collect

2.1 Account Information

When you sign in to BiasChecker.ai using Google, we collect the following information from your Google account:

• Email address - Used to identify your account and communicate with you
• Name - Used to personalize your experience
• Profile picture - Displayed in the user interface

This information is provided by Google through their OAuth authentication service. We only access information you authorize through Google's consent screen.

2.2 Analysis Data

When you use our bias analysis tools:

• Processing by AI providers - To generate an analysis, the text you submit is transmitted to and processed by third-party AI providers (see Section 6) and passes through our servers for that purpose
• Web page analyses - When you analyse a web page in the browser extension, we store the analysis as numerical metrics, category classifications, and positional anchors. We do not store the article's full text or verbatim quotations on our servers; quotations are re-resolved from the live page in your browser. These analyses are stored in a shared cache keyed to the public content and are not linked to your account
• Text you submit directly - When you paste or type text to analyse (for example on our website), we store the text you submit together with the resulting analysis (including verbatim quotations) in your private account area, so you can revisit, manage, export, and delete them. These are visible only to you and are linked to your account
• Operational records - Separate account, billing, security, and abuse-prevention systems store non-content operational records such as account status, subscription status, credits, token usage totals, authentication records, request status, error information, and technical metadata
• Token usage - We track the number of tokens used per account for billing purposes

Account linkage: Analyses of web pages and other public content are stored in a shared cache and are not linked to the user who requested them. Analyses of text you submit directly are stored in your private account area and are linked to your account, so you can find, manage, and export them.

Please do not submit confidential, proprietary, highly sensitive, legally restricted, or special-category personal data unless you have the legal right and all required permissions to do so.

2.3 Analytics Information

We use Google Analytics to understand how visitors interact with our website. Google Analytics collects standard internet log information and details of visitor behaviour patterns, including online identifiers such as cookie IDs and IP-derived approximate location, which we use in aggregate to improve our services. Where required by law, analytics cookies are used only with your consent (see Section 7).

3. How We Use Your Information

We use the information we collect to:

• Provide and maintain your account
• Authenticate you when you sign in
• Personalize your experience on our website
• Generate AI-powered analyses, scores, and related outputs you request
• Reconstruct or retrieve previous analysis outputs for the same or substantially similar public content from stored numerical metrics and positional anchors
• Track token usage, credits, subscriptions, billing, fraud prevention, and abuse prevention
• Improve our services and develop new features
• Communicate with you about service updates
• Analyze usage patterns to improve user experience

We do not sell your personal information to third parties.

4. Legal Bases for Processing

Where the GDPR applies, we process personal data on the following legal bases:

• Contract - To create and manage your account, provide the Service, process payments, deliver analyses, and manage subscriptions or credits
• Legitimate interests - To analyse and provide critical commentary on published media content (an information and expression activity), secure the Service, prevent abuse, debug errors, improve performance, reuse stored metrics and anchors for public content, understand aggregate usage, and protect our legal rights
• Consent - For optional analytics, cookies, marketing communications, or other features where consent is required
• Legal obligation - To comply with tax, accounting, consumer protection, law-enforcement, or regulatory obligations

Analysis of published media and special-category data. Our core function is the analysis of, and commentary on, published media content that our users choose and submit. That content may name or discuss identifiable individuals and may incidentally reveal special-category information about them (such as political opinions). We carry out this processing for journalistic, academic, artistic, and literary expression and for the provision of information, and we rely on the freedom-of-expression and "special purposes" provisions implemented under Article 85 of the GDPR (and the equivalent "special purposes" exemption in Schedule 2 of the UK Data Protection Act 2018), together with our legitimate interests, as the basis for it. We do not use this content to build profiles of individuals or to make decisions about them.

Content you submit. Where you paste or submit your own text, you choose what to send and are responsible for ensuring you have a lawful basis to do so. In respect of that submitted content you determine the purpose of the processing and we act on your instructions to produce the analysis you request, as further described in our Terms of Service.

5. Data Storage and Security

Your account information, saved analyses, usage records, stored numerical metrics, positional anchors, and technical metadata are secured using industry-standard cloud infrastructure that provides:

• Encryption for data at rest and in transit
• Secure token-based authentication
• Compliance with major security standards

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

No internet-based service can guarantee absolute security. You are responsible for not submitting content you are not authorized to process and for keeping your account credentials secure.

6. Third-Party Services

We use the following third-party services that may process your data:

• Google Sign-In — For authentication. Subject to Google's Privacy Policy
• Google Analytics — For website analytics. You can opt-out using the Google Analytics Opt-out Browser Add-on
• Paddle — For payment processing. When you purchase a subscription, your payment details are handled by Paddle (our Merchant of Record). Subject to Paddle's Privacy Policy. BiasChecker.ai does not store your payment card details.
• AI / LLM Providers — To generate analyses, the text you submit is transmitted to and processed by large language model providers, which may include AWS Bedrock (Amazon), OpenAI (API models), xAI (Grok), and Google (Gemini), depending on the model or feature you select. We use the business or API tiers of these providers where available; under those terms your content is used to generate your analysis and is not, to the extent within our control, used by the provider to train its models. Please review the respective privacy policies: AWS, OpenAI, xAI, Google.
• Cloud Infrastructure — Your account data, saved analyses (including any text you submitted), usage records, numerical metrics, positional anchors, and non-content operational metadata may be stored or processed on servers located in the United States or other countries where our providers operate. Where required, international transfers are protected by appropriate safeguards such as the European Commission's Standard Contractual Clauses (and, for transfers from the United Kingdom, the UK International Data Transfer Addendum), data processing agreements, or other lawful transfer mechanisms.

7. Cookies

We use cookies and similar technologies for:

• Essential / authentication - To keep you signed in and maintain your session. These are necessary for the Service to function
• Analytics - To understand how you use our website (Google Analytics). These are non-essential and, where required by law, are used only with your consent

You can manage non-essential cookies through any consent controls we provide and through your browser settings. Declining analytics cookies will not affect essential functionality. Most browsers let you refuse or delete cookies; refusing essential cookies may affect your ability to sign in.

8. Your Rights

Under the GDPR and applicable data protection laws, you have the following rights:

• Right of access — Request a copy of the personal information we hold about you. This includes your account profile (name, email, plan), aggregate token usage, and any analyses you have saved to your private account (including text you submitted).
• Right to rectification — Your name, email address, and profile picture are sourced directly from your Google account. To correct them, update your Google profile. If any other information we hold is inaccurate, please contact us and we will correct it.
• Right to erasure — Delete your account and all associated data, including your saved analyses and any stored text, directly from the dashboard (Account section).
• Right to data portability — Download an export of your data directly from the dashboard (Account section). The export is a ZIP archive containing your account profile, usage statistics, and your saved analyses (including any text you submitted).
• Right to restrict or object to processing — You may ask us to restrict processing of your personal data, or object to processing we carry out on the basis of our legitimate interests (including analytics), as described in Section 4.
• Right to withdraw consent — Where we rely on your consent (for example optional analytics or cookies), you may withdraw it at any time, without affecting processing already carried out.

Account deletion, data export, and access to your personal data are all available directly from the dashboard without needing to contact us. Most personal data we hold (name, email, profile picture) comes from your Google account — to correct it, update your Google profile; your saved analyses and any stored text can be managed or deleted from the dashboard. For any other questions about your rights, please contact us using the information below.

You can also revoke BiasChecker.ai's access to your Google account at any time through your Google Account settings. If you believe your data protection rights have been violated, you have the right to lodge a complaint with your national data protection authority. In the Netherlands this is the Autoriteit Persoonsgegevens; if you are elsewhere in the EU or in the UK, you may contact your local supervisory authority.

8.1 California Privacy Rights

If you are a California resident, you have the right to know what personal information we collect (described in Section 2), to request access to or deletion of that information, to correct inaccurate information, and not to be discriminated against for exercising these rights. You can exercise these rights from your dashboard or by contacting us.

We do not sell your personal information, and we do not share it for cross-context behavioural advertising. We do use analytics cookies (Section 7); some privacy laws may treat certain analytics as a "sale" or "sharing", and you can opt out by declining analytics cookies or by using the Google Analytics opt-out described in Section 6.

8.2 If you are mentioned in analysed content

BiasChecker.ai analyses published media that our users choose to submit, and an analysis may refer to individuals who are named or discussed in that content. We do not maintain a database organised by individual identity: analyses are keyed to the underlying content (for example a web page URL), not to the people mentioned in it, and we are not able to search our analyses by a person's name. For web page analyses we store numerical metrics and positional anchors rather than the article text, and these results are deleted or regenerated over time.

Because of this, if you are an individual mentioned in analysed content and you wish to exercise your data protection rights, we may be unable to identify or act on your request unless you provide the specific content concerned — normally the exact URL of the analysed page, or the text in question. With that information we will locate any stored analysis of that content and review your request, and we can remove or disable access to a specific result where appropriate. As explained in Section 4, we process this content for expression and information purposes, which may qualify or limit some of the rights described above, but we will always consider credible requests in good faith. You can reach us at contact@biaschecker.ai.

9. Data Retention

We retain your account information and saved analyses for as long as your account is active. You can delete your account and all associated data at any time from the dashboard. We also automatically delete inactive accounts: after 180 days without signing in, your account and all associated data are permanently deleted. We send advance reminder emails to the address on your account approximately 30 days, 7 days, and 1 day before deletion, and signing in at any time resets this period. When you delete your account (or it is deleted for inactivity), we remove your personal information, saved analyses, and any stored text from our systems within a reasonable timeframe, except where we are required to retain certain records by law. Your payment card and billing details are handled by Paddle, our Merchant of Record, and are not stored by us; limited transaction records that form part of our business accounting are retained for the period required by applicable tax and accounting law.

9.1 Performance Caching

To maintain performance and reduce duplicate processing, analyses of public web pages are stored as numerical scores, category classifications, and positional anchors in a shared cache, allowing identical public URLs to be served quickly to other users. For these web page analyses we do not store the article's full text or verbatim quotations on our servers; quotations are re-resolved from the live page in your browser.

Text you submit directly (for example by pasting it on our website) is stored, together with its analysis, in your private account area so that you can revisit and manage it. It is deleted when you delete the analysis or your account, or when your account is deleted after 180 days of inactivity (see above).

We may retain account data, usage records, billing records, non-content operational metadata, numerical metrics, and positional anchors to provide the Service, reduce duplicate processing, control costs, improve quality, investigate abuse, and document how the Service performed.

Billing, tax, accounting, fraud-prevention, and security records may be retained for longer where required or permitted by law.

10. Children and Sensitive Data

The Service is not intended for children under 18 or the age of majority in their jurisdiction. Do not submit personal data about children unless you have a lawful basis and all required permissions.

Do not submit special-category personal data, health records, financial account data, government identifiers, confidential business information, trade secrets, or other highly sensitive content unless you are authorized to do so and accept the processing described in this policy.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this privacy policy, our privacy practices, or wish to exercise your data rights, please Contact Us