Privacy Policy
TX Labs, 2025
Last Revised on 1th of November, 2025
This Privacy Policy explains how Bless Data (“Company”, “we”, “us”) processes information through the Bless Chrome Extension (“Extension”). It complies with:
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Health Insurance Portability and Accountability Act (HIPAA), where applicable
By installing or using the Extension, you agree to this Privacy Policy.
Bless Data is the data controller for personal data processed through the Extension.
Contact: legal@txlabs.org
All raw personal data is processed exclusively on your local device and is never transmitted to our servers.
Raw personal data includes:
- URLs, page titles, browsing metadata
- AI prompts, responses, timestamps
- Automated prompts generated by the Extension
- Device details, browser type, OS, local logs
- User settings and consent state
Only anonymized, aggregated analytics may be transmitted to the Company.
The Extension does not collect, store, or transmit:
- Protected Health Information (PHI)
- Identifiable medical records
- Health insurance identifiers
If a user manually enters health-related information into a conversational AI platform, such data:
- Remains local on the user’s device
- Is never transmitted to the Company
- Is not accessed, stored, or processed by the Company
The Extension architecture is designed to prevent access to PHI, enabling HIPAA compliance.
We process personal data only for these purposes:
- Operating and improving the Extension
- Awarding Bless Points
- Conducting AI-related research
- Generating anonymized analytics
- Preventing fraud or abuse
- Debugging, performance, and security
We do not use personal data for advertising.
Processing is based on:
- Consent: telemetry, LLM interactions, automated prompts
- Contract performance: reward attribution and core functionality
- Legitimate interests: security and improvement
Anonymized analytics are not personal data under GDPR.
To maximize privacy:
- All raw data stays on the user’s device
- Only anonymized, aggregated metrics are transmitted
- Aggregation is irreversible
- No individual user identity or behavior can be reconstructed
If you enable automated actions:
- The Extension may send test prompts to AI systems
- Outputs remain local unless anonymized in aggregate
- You may disable automated actions at any time via the Extension toggle
- No automated decision produces legal or significant effects
In rare cases where anonymized analytics are transferred internationally:
- Standard Contractual Clauses (SCCs) are used
- Encryption, access minimization, and organizational safeguards apply
- Raw behavioral data: never transmitted, never retained server-side
- Aggregated anonymized analytics: retained indefinitely
- User preferences and consent state: stored locally
You may exercise the following rights:
- Access
- Rectification
- Erasure
- Restriction of processing
- Objection
- Data portability
- Withdraw consent at any time
- Not be subject to automated decision-making
Requests: legal@txlabs.org
Response timeline: 30 days
To support HIPAA compliance:
- No PHI is collected, transmitted, or stored
- All raw text remains local unless anonymized
- System design prevents access to identifiers
- Only fully de-identified statistics are transmitted
We use industry-standard safeguards including:
- Encryption in transit for anonymized analytics
- Local-only processing of raw data
- Access controls
- Data minimization
- Periodic audits and assessments
The Extension is not intended for children under 13 (or 16 where required by law).
California residents may request:
- Confirmation that personal information is not sold
- Disclosure of collected categories
- Deletion of personal data
Request email: legal@txlabs.org
We may update this Privacy Policy. Continued use after notification constitutes acceptance.
Bless Data
Email: legal@txlabs.org