Privacy Policy

Introduction

1570058 B.C. LTD. ("we," "our," or "us") operates the Pinpoint Chrome extensions for CanLII and Google Scholar. This Privacy Policy applies to both extensions and explains how we collect, use, and protect information when you use them.

We are committed to protecting your privacy and being transparent about our data practices. This policy complies with applicable privacy laws including the Personal Information Protection Act (PIPA) of British Columbia and the requirements of the Chrome Web Store.

Information We Collect

Information you provide:

• Google Account Email: When you sign in with Google, we receive your email address to identify your account and manage your subscription.
• Questions and Queries: The questions you type into the extension are sent to our servers to generate AI-powered responses.

Information collected automatically:

• Usage Data: We track the number of queries you make (and daily counts of chat, gist, and case discovery actions for signed-in users) to enforce plan limits and to understand feature usage.
• IP Address: For users who have not signed in, we record the IP address associated with requests solely to apply the free-trial limit. IP addresses are not linked to any other personal information and are not used for advertising, profiling, or tracking across sites.

Information we do NOT collect:

• We do not collect or store your browsing history
• We do not access pages outside of supported legal databases (CanLII and Google Scholar)
• We do not store the full text of legal cases you view (we temporarily pass excerpts to our AI provider only while generating your answer; see the Case Discovery note under Data Retention for the one exception)
• We do not sell, rent, or share your personal information with third parties for marketing purposes

How We Use Your Information

We use the information we collect to:

• Provide the AI-powered Q&A and summarization features
• Manage your subscription and billing
• Track usage against your plan limits
• Respond to your support requests
• Improve and optimize our service

Data Retention

• Questions and Responses: Your questions are processed in real-time and are not permanently stored on our servers. They are discarded after generating a response.
• Case Discovery Results: To avoid unnecessary re-computation, we cache the AI-generated "similar cases" suggestions for a given case (keyed to the case URL) in our backend storage. These cached results contain no personal information about you, only the suggested cases and search terms derived from the case you viewed.
• Account Information: Your email and usage count are retained while your account is active. If you cancel your subscription, we retain minimal records for legal and accounting purposes.

Third-Party Services

We use the following third-party services:

• Google OAuth: For secure sign-in. Google's privacy policy applies to their authentication service.
• Stripe: For payment processing. Stripe handles all credit card information directly—we never see or store your full card number. See Stripe's Privacy Policy.
• OpenRouter and Anthropic: For AI model inference. Your questions and the case excerpts you ask about are forwarded through OpenRouter to Anthropic (Claude), which generates the response. Both providers have their own retention policies that apply to the data they process.
• Cloudflare: For hosting our backend services and serving the extension's user interface. See Cloudflare's Privacy Policy.

These providers are located in the United States, which means your data is transferred and processed outside of Canada. By using Pinpoint you consent to this cross-border transfer.

Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• HTTPS encryption for all data in transit
• Secure authentication via Google OAuth
• No storage of sensitive payment information (handled by Stripe)

Use of Google User Data

Pinpoint's use and transfer of information received from Google APIs (specifically, the email address associated with your Google Account when you sign in) adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we:

• Use Google user data only to provide or improve the features you have requested
• Do not transfer Google user data to third parties except as necessary to provide the service, for security reasons, or to comply with law
• Do not use Google user data for advertising, including retargeting or personalized advertising
• Do not allow humans to read Google user data, unless we have obtained your affirmative consent, it is necessary for security purposes, or it is required to comply with applicable law

Your Rights

You have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate information
• Request deletion of your account and associated data
• Withdraw consent for data processing

To exercise these rights, contact us at support@pinpointlabs.io.

Chrome Extension Permissions

Pinpoint requests the following browser permissions:

• activeTab: To read the content of the case page you're viewing
• sidePanel: To display the Q&A interface
• identity: To enable Google sign-in
• storage: To save your preferences locally
• contextMenus: To provide the "Get Gist" right-click feature

These permissions are used solely for the stated purposes and do not grant access to unrelated browsing activity.

Children's Privacy

Pinpoint is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page with an updated "Last updated" date.

Contact Us

If you have questions about this Privacy Policy, please contact us:

• Email: support@pinpointlabs.io
• Company: 1570058 B.C. LTD.
• Location: British Columbia, Canada