Privacy Policy
This policy explains what Myto collects, why, and how you can control it. We've tried to write it in plain language rather than dense legalese.
Myto ("Myto", "we", "us") provides a browser extension and web app that let you capture highlights and screenshots from things you read online, and turn them into AI-generated quizzes for spaced-repetition review. This policy covers the Myto extension, the Myto web app, and usemyto.com.
1. Information we collect
Account information
When you sign up, we collect your email address and, if you sign in with Google, your name and profile photo. Authentication is handled by Firebase Authentication (a Google service); we never see or store your password in plain text.
Content you capture
Myto's core function is saving content you deliberately choose to capture. This includes:
- Highlights: text you select from a webpage, plus the surrounding article content, used to generate quiz questions.
- Annotations: notes you write attached to a highlight.
- Screenshots: image regions you select from a page or video, plus any caption (written by you or generated by AI from page context).
- Collections and tags: labels and groupings you create to organize your captures.
- The source URL, title, and favicon of the page each capture came from.
The Myto extension's content script is present on pages you visit so that highlighting and screenshot tools are available when you want them, but it does not record or transmit anything from a page unless you actively capture it. We do not track your general browsing history.
Quiz and learning activity
We store the quiz questions generated from your captures, your answers, whether they were correct, and the resulting spaced-repetition schedule (via the FSRS algorithm). We also store gamification data: streaks, streak freezes, and XP.
Usage analytics
We use Firebase Analytics to understand aggregate product usage (e.g. which features are used, session length). This does not include the content of your captures.
Payment information
If you purchase a subscription, payment is handled by a third-party payment processor. Myto does not receive or store your full card number.
2. How we use your information
- To provide the core service: storing your captures and generating quizzes from them.
- To send your highlighted text and article context to an AI provider (currently Google's Gemini models) so quiz questions can be generated. Screenshot captions may also be AI-generated from surrounding page context.
- To schedule your quiz reviews and track your streak, XP, and progress.
- To send you account emails: verification, password reset, and (if enabled) daily digest reminders about due quizzes.
- To maintain and improve the reliability and performance of Myto.
- To enforce our Terms of Service and keep the product secure.
We do not sell your personal information or your captured content to anyone.
3. Where your data is stored
Captures, quiz data, and account records are stored in a Postgres database we operate. Screenshot images are stored in Google Cloud Storage. Because we rely on Google's infrastructure for authentication, storage, analytics, and AI generation, your data may be processed on servers located outside your country of residence, including in the United States.
4. Data retention
We keep your account and captures for as long as your account is active. If you delete your account, we delete your personal data and captures within a reasonable time, except where we're required to retain records for legal or accounting purposes.
5. Your rights and choices
- You can access, edit, or delete individual captures, tags, and collections directly in the Myto web app at any time.
- You can request a copy of your data or full account deletion by emailing us (see Contact below).
- If you're located in the EU/UK or California, you have additional rights under GDPR or the CCPA respectively, including the right to access, correct, delete, or port your data, and to object to certain processing. We'll honor these requests regardless of where you're located.
- You can revoke the extension's access at any time by removing it from your browser.
6. Cookies and local storage
The Myto web app uses browser local storage to keep you signed in. The extension uses local browser storage to keep your capture settings and session in sync. We don't use third-party advertising cookies.
7. Children's privacy
Myto is not directed at children, and you must be at least 13 years old to use it. We do not knowingly collect personal information from anyone under 13. If you believe a child has created an account, contact us and we'll delete it.
8. Third-party services we use
- Firebase (Google): authentication and product analytics.
- Google Cloud Storage: storage for screenshot images.
- Google Gemini: AI generation of quiz questions and screenshot captions from your captured content.
- A third-party payment processor, once billing is enabled for your account.
Each of these providers processes data only as needed to provide their service to us, under their own privacy and security commitments.
9. Security
We use industry-standard measures to protect your data, including encryption in transit (HTTPS/TLS) and access controls on our infrastructure. No method of transmission or storage is 100% secure, so we can't guarantee absolute security.
10. Changes to this policy
We may update this policy as Myto evolves. If we make material changes, we'll notify you by email or with a notice in the app. The "last updated" date at the top of this page always reflects the current version.
11. Contact
Questions about this policy or your data? Email us atsupport@usemyto.com.