Introduction
GenAI Unplugged LLC ("we," "us," or "our") operates SubflowAI, a Chrome browser extension for scheduling and managing Substack Notes. This Privacy Policy explains how we collect, use, and protect your information. GENAI UNPLUGGED LLC is the data controller for the information described in this Policy. There is no co-brand or joint-operator partner for SubflowAI; GENAI UNPLUGGED LLC is solely responsible for the data practices described here.
Information We Collect
Data We Collect
| Data Type | Where Stored | Purpose |
|---|---|---|
| License Key | Chrome sync storage | Validate your subscription |
| Trial ID | Chrome local storage | Track trial period |
| Scheduled Notes | Your device only | Enable scheduling features |
| Draft Notes | Your device only | Save your work |
| Settings/Preferences | Your device only | Remember your choices |
| AI Usage Count | Our server (encrypted) | Enforce monthly limits |
| Repurposed Article/Note Text | Sent to our AI worker and Google Gemini for processing; not retained by us beyond the request | Generate AI content variations when you use the repurpose feature |
| Uploaded Images | Cloudflare R2 (temporary) | Include images in your Substack Notes |
| License Validation Logs | Our server (30 days) | Prevent abuse |
| Substack Session Cookie (substack.sid) | Never stored — read live from your browser via Chrome's chrome.cookies API | Authenticate requests to Substack on your behalf, including relay commands; used locally only |
| Substack Analytics Data (subscribers, post stats, growth timeseries, revenue, engagement metrics) | Your device only (Chrome local storage) when the "Connect to Claude" relay is off (default). Transits (but is not stored on) our MCP server when the relay is active and your connected AI client requests this data. | Power Analytics and Subscriber Signals features; fetched from Substack via your authenticated browser session. See "Connect to Claude Relay" below for what changes when the relay is on. |
| Relay Pairing Tokens ("Connect to Claude") | Our server (Cloudflare), short-lived | Authenticate your AI client's connection to the relay |
| Relay Channel/Connection State ("Connect to Claude") | Our server (Cloudflare Durable Objects / KV), for the duration of your active session | Maintain the live WebSocket connection between the extension and your connected AI client |
| Relay Command Audit Rows ("Connect to Claude") | Our server (Cloudflare D1), 90-day retention | Record which whitelisted command ran, when, and its status, for abuse prevention and support (matches the 90-day audit-row retention used by GenAI Unplugged's other MCP products) |
How SubflowAI Accesses Your Substack Data
SubflowAI's Analytics tab and Subscriber Signals feature read data directly from Substack's internal APIs on your behalf, using your active browser session cookies. This is similar to how your browser loads your own Substack dashboard, but done programmatically.
- What is accessed: Subscriber lists, publication stats, post performance, growth timeseries, revenue summaries, and per-subscriber engagement metrics
- How it's accessed: Via HTTP requests to Substack's admin APIs, authenticated with your existing browser login — no separate credentials are stored or transmitted
- Where data goes, by default (relay off): Fetched data is stored only on your local device in Chrome's local storage. It is never sent to SubflowAI's servers
- Your control: You can clear this data at any time via the extension or by uninstalling SubflowAI
"Connect to Claude" — Substack MCP Relay (Opt-In)
SubflowAI includes an optional, license-gated, fully revocable feature that connects an external AI client you choose — Claude Desktop, Claude Code, Claude Cowork, or ChatGPT — to your Substack account through our MCP relay server at substackmcp.genaiunplugged.com. This is off by default and fully revocable via a "Disconnect all agents" control in the extension.
When you turn the relay on:
- The extension opens an authenticated WebSocket connection to our MCP server
- Your connected AI client may send only a fixed, whitelisted set of Substack commands (for example, scheduling a Note or retrieving publication stats)
- The extension executes each command in your browser using your own substack.sid Substack session cookie. This cookie never leaves your browser and is never stored on our server
- Substack data returned by these commands (notes, posts, drafts, subscriber stats) flows: Substack → your browser (extension) → our MCP server (in transit only, not persisted) → your connected AI client
- This means your Substack data does transit our server infrastructure while the relay is active. It is not written to a database or retained after the request completes — only the pairing tokens, connection state, and command audit metadata described in the table above are retained, and only for the periods listed there
Your Own AI Client (Anthropic Claude / OpenAI ChatGPT)
The AI client you choose to connect via the relay above (Claude Desktop, Claude Code, Claude Cowork, ChatGPT, or similar) is your own account and software. It is operated by Anthropic, OpenAI, or another provider of your choosing — not by GENAI UNPLUGGED LLC. That client is not a GenAI Unplugged subprocessor: we do not have a data processing agreement with it, we do not control what it does with data once received, and your relationship with it is governed entirely by your own account and that provider's own privacy policy. Once relayed data reaches your AI client, its further handling is between you and that provider.
Data We Do NOT Collect
- Substack passwords or login credentials
- Email addresses (unless you contact support)
- Browsing history
- Full content of your Substack articles, except text you explicitly submit for AI repurposing (sent to Google Gemini for processing — see "Third-Party Services" below)
- Personal identification information
- Data for sale to third parties
How We Use Your Information
We use collected data solely for:
- License Validation - Verify your subscription status
- Usage Tracking - Count AI generations to enforce limits
- AI Repurposing - Process article or Note text you submit through our AI worker and Google Gemini to generate content variations
- MCP Relay Command Execution - Route the specific whitelisted Substack commands your connected AI client requests, when you opt in to "Connect to Claude"
- Service Improvement - Anonymous analytics to fix bugs and improve features
- Abuse Prevention - Detect and prevent fraudulent license use
Data Storage and Security
Local Storage (Your Device)
- Notes, drafts, and settings are stored locally in your Chrome browser
- We cannot access this data
- Data persists until you delete it or uninstall the extension
Server Storage (Our Infrastructure)
- License validation and usage counts are stored on Cloudflare Workers
- MCP relay pairing tokens, connection state, and command audit rows are stored on Cloudflare (Durable Objects, KV, D1) as described in the table above
- Data is encrypted in transit (HTTPS/WSS) and at rest
- Servers are located globally via Cloudflare's network
- Validation logs are automatically deleted after 30 days
Image Storage (Cloudflare R2)
- When you upload images to include in notes, they are temporarily stored on Cloudflare R2
- Images are automatically deleted after your note is successfully posted to Substack
- Images are accessible only via unique, non-guessable URLs
- We do not access, analyze, or use your images for any purpose other than enabling the posting feature
Security Measures
- All server communications use HTTPS/WSS encryption
- License keys are validated server-side, never exposed to third parties
- No passwords or sensitive credentials are ever stored
- Your Substack session cookie is never stored server-side, including during relay use
Third-Party Services
SubflowAI integrates with the following third-party services, each with their own privacy policies:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Cloudflare (Workers, Durable Objects, KV, D1, R2) | API hosting, license validation, MCP relay infrastructure, temporary image storage | cloudflare.com/privacypolicy |
| Google Gemini API | AI content generation (repurposing) | policies.google.com/privacy |
| Lemon Squeezy | Payment processing and licensing | lemonsqueezy.com/privacy |
| Substack | Publishing platform (your account) | substack.com/privacy |
| Anthropic (Claude Desktop / Claude Code / Claude Cowork) | Your own AI client, connected at your choice via the opt-in "Connect to Claude" relay. Not a GenAI Unplugged subprocessor. | anthropic.com/legal/privacy |
| OpenAI (ChatGPT) | Your own AI client, connected at your choice via the opt-in "Connect to Claude" relay. Not a GenAI Unplugged subprocessor. | openai.com/policies/privacy-policy |
Note: When you use AI repurposing features, your input text is sent to Google's Gemini API for processing. Google may process this data according to their privacy policy.
Your Rights and Choices
All Users
You have the right to:
- Access - View what data we have about you
- Delete - Remove all local data by uninstalling SubflowAI
- Export - Download your notes via the extension's export feature
- Cancel - Cancel your subscription anytime via Lemon Squeezy
- Disconnect - Turn off the "Connect to Claude" relay at any time via the "Disconnect all agents" control
- Opt-out - Disable analytics in extension settings (if available)
These rights are in addition to, and do not replace, the rights described in the GenAI Unplugged master Privacy Policy, Section 7.
To Exercise Your Rights
Email us at [email protected] with your request. Include your license key or order number for faster processing.
International Users
European Economic Area (EEA) - GDPR
If you are in the EEA, you have additional rights under the General Data Protection Regulation (GDPR):
Legal Basis for Processing:
- Contract Performance - License validation, scheduling, and the opt-in MCP relay are necessary to provide the service you purchased or enabled
- Legitimate Interest - Usage analytics and command audit logging help us improve the service, prevent abuse, and support you
Your GDPR Rights:
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to data portability
- Right to object to processing
- Right to lodge a complaint with a supervisory authority
Data Controller:
GenAI Unplugged LLC
Email: [email protected]
California Residents - CCPA
If you are a California resident, under the California Consumer Privacy Act (CCPA):
- You have the right to know what personal information we collect
- You have the right to request deletion of your data
- You have the right to opt-out of the sale of personal information
- We do not sell personal information
To exercise your CCPA rights, email [email protected].
International Data Transfers
GENAI UNPLUGGED LLC is based in Pennsylvania, USA, and our infrastructure is US-hosted (via Cloudflare's network, which may route traffic globally for performance). By using SubflowAI, you consent to the transfer of your information to:
- Cloudflare's global network (for API, license validation, and MCP relay traffic)
- Google's servers (for AI processing)
- Lemon Squeezy's servers (for payment processing)
- Your own connected AI client's provider (Anthropic or OpenAI), if you opt in to the "Connect to Claude" relay
We ensure appropriate safeguards are in place for international transfers.
Data Retention
| Data Type | Retention Period |
|---|---|
| Local notes/drafts | Until you delete them |
| Uploaded images | Deleted after posting to Substack (typically within minutes) |
| License validation cache | 30 days |
| Usage logs | 30 days |
| Repurposed text sent to AI worker / Gemini | Not retained by us beyond the request; see Google's own retention policy for Gemini-side handling |
| Relay pairing tokens | Short-lived, single-use (minutes) |
| Relay channel/connection state | Duration of your active relay session; cleared on disconnect |
| Relay command audit rows | 90 days |
| Payment records | Handled by Lemon Squeezy per their policy |
Children's Privacy
SubflowAI is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children.
If you believe a child has provided us with personal information, please contact us immediately at [email protected] and we will delete it.
Cookies and Tracking
SubflowAI does not set its own tracking or advertising cookies.
To interact with Substack on your behalf (for scheduling, Analytics, Subscriber Signals, and the optional "Connect to Claude" relay), SubflowAI reads your existing substack.sid session cookie — the cookie Substack itself sets when you log in — using Chrome's chrome.cookies API. This is your own Substack session cookie, not a cookie SubflowAI creates. It is used locally in your browser to authenticate requests to Substack and is never transmitted to or stored on SubflowAI's servers, including during relay use.
Our website (genaiunplugged.com) may use cookies for basic functionality. See our website's cookie policy for details.
Data Breach Notification
In the unlikely event of a data breach affecting your personal information, we will:
- Investigate and contain the breach
- Notify affected users within 72 hours (where required by law)
- Report to relevant authorities as required
- Take steps to prevent future breaches
Changes to This Policy
We may update this Privacy Policy from time to time. When we do:
- The "Last Updated" date at the top will be revised
- For material changes, we will notify you via email or in-app notification
- Continued use of SubflowAI after changes constitutes acceptance
We encourage you to review this policy periodically.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your data:
GenAI Unplugged LLC
Email: [email protected]
Location: Pennsylvania, USA
Master Privacy Policy: genaiunplugged.com/privacy
We aim to respond to all inquiries within 48 hours.
Summary
| Question | Answer |
|---|---|
| Do you sell my data? | No, never. |
| Can you see my notes? | No, they're stored locally on your device. |
| What do you store on your servers? | License validation, AI usage counts, uploaded images (temporarily), and — only if you opt in to the "Connect to Claude" relay — short-lived pairing tokens, relay connection state, and 90-day command audit rows. |
| Does my Substack data ever touch your servers? | Only if you opt in to the "Connect to Claude" relay. In that case, requested data transits our server in real time but is not stored there. With the relay off (the default), Analytics/Subscriber Signals data never reaches our servers. |
| What happens to my uploaded images? | Deleted automatically after posting to Substack. |
| How long do you keep data? | Most logs are deleted after 30 days; relay command audit rows are kept 90 days. |
| Can I delete my data? | Yes, uninstall the extension or contact us. |
| Is my data encrypted? | Yes, in transit and at rest. |