Our Privacy Policy

Last updated: August 16, 2022

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy has been created with the help of the Privacy Policy Generator.

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • ​​Account means a unique account created for You to access our Service or parts of our Service.
  • Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
  • Application means the software program provided by the Company downloaded by You on any electronic device, named Super Agent
  • Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Super Agent, Inc., 651 N Broad St Suite 206.
  • Country refers to: Delaware, United States
  • Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Service refers to the Application.
  • Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.
  • Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Types of Data Collected

Super Agent collects the following data through AWS Kinesis Firehose, a data streaming service:
  • A unique and random ID with the only purpose of counting active users at any given time.


Super Agent also uses AWS Cognito for authentication/authorization purposes. Cognito uses SSRP for secure authentication, so no passwords are ever sent to our servers.

Cognito does not collect any data – it gives you temporary credentials so you can access other AWS services. This ID is always the same if you are logged in, and can occasionally change if you are not logged in. We do not store any data from Cognito. If you are logged in, we store only your e-mail address which we need to send you confirmation codes and codes to reset your password.
All of your other data is stored in AWS DynamoDB, fully encrypted at rest. This data includes:
  • Your Cookie Preferences
  • Usage Metrics
  • Encryption material
  • Consent Trail


Your usage metrics include the number of websites Super Agent worked on, how many clicks it saved you and an estimate of how much time Super Agent has saved you.

We do not use this data in any way other than to aggregate it so we have global usage metrics.
Encryption Material

In case you enable your Consent Trail, Super Agent locally generates an encryption key randomly, together with an Initialization Vector (IV) and a salt.

We store the IV and salt, and we store an encrypted version of your encryption key, which only you can decrypt with your password.

We use PBKDF2, an industry standard, with 100 000 iterations, to derive a key from your password. All of our encryption uses AES256-GCM.

Consent Trail

If you enable your Consent Trail, you have access to a log of websites where Super Agent worked along with what actions it took in the specific website.

This data is stored in our servers encrypted end 2 end using your encryption material. This means we cannot decrypt it and can never know what websites you have visited.

Our model is similar to what industry standard Password Managers use to ensure your privacy is protected.


  • Data we do not collect:

We never collect information on what websites you visit. Instead, the extension has a set of rules locally that it uses on websites and it never sends website information to our servers.

We do not store IP Addresses or other information that can be tied back to you directly.

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods. ​

Transfer of Your Personal Data

​ Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Disclosure of Your Personal Data

Business Transactions
​If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.
Law enforcement
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Other legal requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to: ​

  • Comply with a legal obligation
  • Protect and defend the rights or property of the Company
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of Users of the Service or the public
  • Protect against legal liability

Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.
Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let update the “Last updated” date at the top of this Privacy Policy.

​You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
If you have any questions about this Privacy Policy, You can contact us: ​

By email
privacy@super-agent.com