Privacy Policy

We do not sell your personal information or your AutoType content to anyone.

We do not use your Google Docs content, the text you supply, or your account data to develop, train, or improve generalized AI or machine-learning models.

We do not generate, modify, paraphrase, or suggest text on your behalf — AutoTyper only schedules and types the text you provide.

We collect only the data needed to authenticate you, run your AutoType sessions, process payments, and prevent abuse.

AutoTyper provides paced-writing services directly to individual users. For the personal information you provide, AutoTyper acts as the data controller and is responsible for handling it according to this Policy.

Our Service may link to or integrate with third-party tools (such as Google or Stripe). Their privacy practices are governed by their own policies, not by this Policy.

Account information. When you create an account or sign in, we collect your email address, authentication identifiers, profile name and image (if you sign in with Google), locale, and plan state.

Google OAuth credentials. Access token, refresh token, and granted scopes required to keep an AutoType session connected to the Google Doc you select.

Document selection and supplied text. The Google Doc identifier you connect, plus the text content you want AutoTyper to write into that document.

AutoType job state. Job state, execution logs, and error metadata so paused or failed jobs can be recovered safely.

Billing and reward records. Subscription, Day Pass, invitation, refund, and abuse-prevention records required to operate billing and referral flows. Card details are handled by Stripe; we do not store full card numbers, but we may store limited billing metadata such as the last four digits, card brand, and expiration date.

Log and device data. Information your browser or device automatically sends, including IP address, browser type, operating system, the pages you visit, time and date of requests, referring URLs, and limited error diagnostics collected through monitoring tools such as Sentry.

Usage analytics. We use Google Analytics for page views, traffic sources, and aggregated usage patterns, and Microsoft Clarity for session replays and heatmaps used in UX research. Replays mask form inputs and sensitive fields by default. We never send your Google Doc content or your supplied AutoType text to these analytics tools.

Information from third parties. Basic profile and authentication information returned by Google when you sign in; payment events from Stripe; and operational signals from service providers (cloud hosting, email delivery, monitoring tools such as Sentry, and customer support tools such as tawk.to) that help us run the Service.

Support communications. Messages, screenshots, attachments, and other information you provide when contacting us for support, billing questions, or feedback.

Authenticate you and protect access to dashboard, account, billing, and invitation features.

Run paced document writes, retries, pause/resume flows, and execution history for the document you selected.

Operate subscriptions, Day Pass purchases, and invitation reward flows.

Send transactional notices such as receipts, billing alerts, security messages, and account updates. We may also send service-related announcements; you can opt out of marketing emails at any time.

Enforce plan limits, daily quotas, and rate limits.

Monitor abuse, failures, and security events; prevent fraud and unauthorized access.

Analyze aggregated usage to understand what works, identify issues, and improve the Service.

Comply with legal obligations and respond to lawful requests from authorities.

Service providers. We share data with vendors that help us operate the Service — including Stripe (payments), Google (OAuth and Docs API), our cloud hosting provider, email delivery services, monitoring tools such as Sentry, and tawk.to for customer support chat. For signed-in users, we may share necessary account identification information with customer support tools to provide a consistent support experience. These vendors may only process the data for the purposes we instruct.

Analytics providers. We share pseudonymous and aggregated usage data with Google (Analytics) and Microsoft (Clarity) for the purposes described in the Cookies section.

Business transfers. If AutoTyper is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify users of any change in ownership or use that materially affects how their data is handled.

Legal and safety. We may disclose information when we believe in good faith that it is necessary to comply with law, respond to legal process, prevent fraud or abuse, protect the rights and safety of our users or others, or enforce our Terms.

We do not sell your personal information, do not share your information with schools or organizations, do not use your document content to train AI models, and do not generate or suggest text in your documents on your behalf.

We rely on first-party cookies and session tokens issued by our authentication system (Better-Auth) to keep you signed in and protect account security. When you sign in with Google, Google may also set its own cookies on its domains as part of the OAuth flow.

Google Analytics and Microsoft Clarity may set their own cookies on your browser to count visits, attribute traffic, and reconstruct sessions for UX research.

tawk.to may set functional chat cookies to keep support conversations consistent across pages and visits. If you start a chat, the messages, contact details you provide, and related support metadata are processed by tawk.to so we can respond.

You can opt out of analytics tracking using your browser settings, the Google Analytics opt-out add-on at https://tools.google.com/dlpage/gaoptout, or by enabling Do Not Track / Global Privacy Control signals where supported. Disabling cookies entirely may break parts of the Service such as login.

We do not use cookies to sell your data or to run third-party behavioral advertising on the Service.

AutoTyper only operates on the specific Google Doc you authorize for each AutoType session. It cannot access, list, browse, or read any other file in your Google account.

We keep our access intentionally narrow and never treat your documents as a general training corpus.

AutoTyper's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We use Google user data solely to provide and improve the user-facing AutoType feature — appending user-supplied text to a user-selected Google Doc on a schedule the user configures.

We do not use Google user data for advertising or to serve personalized advertisements.

We do not sell Google user data and do not transfer it to third parties for purposes unrelated to delivering the AutoType feature.

We do not use Google user data to develop, improve, or train generalized or non-personalized AI/ML models.

Humans do not read Google user data unless we have obtained the user's explicit consent, access is required for security investigations or to comply with applicable law, or the data has been aggregated and de-identified for internal operations.

Google OAuth tokens (access, refresh, and id tokens) are encrypted at rest using AES-256-GCM before being written to our database.

All traffic between the browser, AutoTyper servers, and Google APIs is transmitted over TLS.

Database access is restricted to authenticated services and follows least-privilege principles.

No system can be completely secure. You are responsible for keeping your account credentials safe and for signing out of your account when using a shared device.

In-app: open Account → Security → Connected accounts and select Unlink. We immediately call Google's token revocation endpoint and remove the stored credentials from our database.

Via Google: visit https://myaccount.google.com/permissions and revoke AutoTyper. Google will notify our revocation endpoint, which clears all sessions for the affected account.

We retain your information only as long as needed to provide the Service, meet our legal and accounting obligations, prevent abuse, and resolve disputes.

Google OAuth tokens are removed promptly after you unlink your account or revoke access from your Google account.

Billing and invoice records are retained as required by applicable tax and accounting laws.

Account deletion removes your profile and unsynced job state from active systems. Encrypted backups are purged according to our standard rotation schedule.

We may retain anonymized or aggregated information indefinitely for analytics, security research, and Service improvement, since such data can no longer be linked back to you.

You can review, update, correct, or delete your personal information by contacting us at hello@autotyper.net. We may need to verify your identity before acting on your request.

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with comparable data-protection laws, you may have additional rights under those laws, including the rights of access, correction, deletion, and data portability. Where applicable, contact us at hello@autotyper.net to exercise these rights.

You can opt out of marketing emails at any time using the unsubscribe link in those emails or your account settings. We will still send non-marketing notices such as billing receipts, security alerts, and account messages.

Some browsers allow you to send a "Do Not Track" (DNT) or Global Privacy Control (GPC) signal. Because there is no common industry standard for handling DNT, the Service does not currently change its behavior in response to it, but we limit our use of tracking technologies as described in the Cookies section.

AutoTyper is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at hello@autotyper.net and we will take appropriate steps to delete it.

AutoTyper operates as a global Service. Your information may be transferred to and processed in countries where we and our service providers operate, including the United States and the European Union (e.g., Stripe, Google, Cloudflare, Vercel). These countries may have data-protection laws that differ from those in your country. By using the Service, you consent to such transfers and processing where permitted by applicable law.

Questions about this Privacy Policy, your personal information, account deletion, billing, or any privacy-related request can be sent to hello@autotyper.net.