SubflowAI Privacy Policy

AI-Powered Substack Notes Scheduler

Effective Date: January 2, 2026 | Last Updated: July 2, 2026

Supplemental Policy. This SubflowAI Privacy Policy is supplemental to, and governed by, the GenAI Unplugged master Privacy Policy. Rights, legal bases, and general practices not restated here are inherited from the master Privacy Policy. In the event of a conflict between this Policy and the master Privacy Policy, the master Privacy Policy shall control.

Introduction

GenAI Unplugged LLC ("we," "us," or "our") operates SubflowAI, a Chrome browser extension for scheduling and managing Substack Notes. This Privacy Policy explains how we collect, use, and protect your information. GENAI UNPLUGGED LLC is the data controller for the information described in this Policy. There is no co-brand or joint-operator partner for SubflowAI; GENAI UNPLUGGED LLC is solely responsible for the data practices described here.

By using SubflowAI, you agree to the collection and use of information as described in this policy.

Information We Collect

Data We Collect

Data Type Where Stored Purpose
License Key Chrome sync storage Validate your subscription
Trial ID Chrome local storage Track trial period
Scheduled Notes Your device only Enable scheduling features
Draft Notes Your device only Save your work
Settings/Preferences Your device only Remember your choices
AI Usage Count Our server (encrypted) Enforce monthly limits
Repurposed Article/Note Text Sent to our AI worker and Google Gemini for processing; not retained by us beyond the request Generate AI content variations when you use the repurpose feature
Uploaded Images Cloudflare R2 (temporary) Include images in your Substack Notes
License Validation Logs Our server (30 days) Prevent abuse
Substack Session Cookie (substack.sid) Never stored — read live from your browser via Chrome's chrome.cookies API Authenticate requests to Substack on your behalf, including relay commands; used locally only
Substack Analytics Data (subscribers, post stats, growth timeseries, revenue, engagement metrics) Your device only (Chrome local storage) when the "Connect to Claude" relay is off (default). Transits (but is not stored on) our MCP server when the relay is active and your connected AI client requests this data. Power Analytics and Subscriber Signals features; fetched from Substack via your authenticated browser session. See "Connect to Claude Relay" below for what changes when the relay is on.
Relay Pairing Tokens ("Connect to Claude") Our server (Cloudflare), short-lived Authenticate your AI client's connection to the relay
Relay Channel/Connection State ("Connect to Claude") Our server (Cloudflare Durable Objects / KV), for the duration of your active session Maintain the live WebSocket connection between the extension and your connected AI client
Relay Command Audit Rows ("Connect to Claude") Our server (Cloudflare D1), 90-day retention Record which whitelisted command ran, when, and its status, for abuse prevention and support (matches the 90-day audit-row retention used by GenAI Unplugged's other MCP products)

How SubflowAI Accesses Your Substack Data

SubflowAI's Analytics tab and Subscriber Signals feature read data directly from Substack's internal APIs on your behalf, using your active browser session cookies. This is similar to how your browser loads your own Substack dashboard, but done programmatically.

Third-party policy notice: This type of programmatic access may conflict with Substack's Terms of Service. You are responsible for reviewing Substack's ToS and using these features in accordance with their current policies. GenAI Unplugged LLC is not responsible for any actions Substack takes in response to this access.

"Connect to Claude" — Substack MCP Relay (Opt-In)

SubflowAI includes an optional, license-gated, fully revocable feature that connects an external AI client you choose — Claude Desktop, Claude Code, Claude Cowork, or ChatGPT — to your Substack account through our MCP relay server at substackmcp.genaiunplugged.com. This is off by default and fully revocable via a "Disconnect all agents" control in the extension.

When you turn the relay on:

Correction notice: Earlier versions of this Policy stated that SubflowAI "does not transmit your Substack analytics data to its servers" without qualification. That statement is accurate only when the "Connect to Claude" relay is off (the default). This version scopes that statement correctly and adds the relay-mode disclosure above.

Your Own AI Client (Anthropic Claude / OpenAI ChatGPT)

The AI client you choose to connect via the relay above (Claude Desktop, Claude Code, Claude Cowork, ChatGPT, or similar) is your own account and software. It is operated by Anthropic, OpenAI, or another provider of your choosing — not by GENAI UNPLUGGED LLC. That client is not a GenAI Unplugged subprocessor: we do not have a data processing agreement with it, we do not control what it does with data once received, and your relationship with it is governed entirely by your own account and that provider's own privacy policy. Once relayed data reaches your AI client, its further handling is between you and that provider.

Data We Do NOT Collect

How We Use Your Information

We use collected data solely for:

  1. License Validation - Verify your subscription status
  2. Usage Tracking - Count AI generations to enforce limits
  3. AI Repurposing - Process article or Note text you submit through our AI worker and Google Gemini to generate content variations
  4. MCP Relay Command Execution - Route the specific whitelisted Substack commands your connected AI client requests, when you opt in to "Connect to Claude"
  5. Service Improvement - Anonymous analytics to fix bugs and improve features
  6. Abuse Prevention - Detect and prevent fraudulent license use
We never sell, rent, or share your personal data with third parties for marketing purposes.

Data Storage and Security

Local Storage (Your Device)

Server Storage (Our Infrastructure)

Image Storage (Cloudflare R2)

Security Measures

Third-Party Services

SubflowAI integrates with the following third-party services, each with their own privacy policies:

Service Purpose Privacy Policy
Cloudflare (Workers, Durable Objects, KV, D1, R2) API hosting, license validation, MCP relay infrastructure, temporary image storage cloudflare.com/privacypolicy
Google Gemini API AI content generation (repurposing) policies.google.com/privacy
Lemon Squeezy Payment processing and licensing lemonsqueezy.com/privacy
Substack Publishing platform (your account) substack.com/privacy
Anthropic (Claude Desktop / Claude Code / Claude Cowork) Your own AI client, connected at your choice via the opt-in "Connect to Claude" relay. Not a GenAI Unplugged subprocessor. anthropic.com/legal/privacy
OpenAI (ChatGPT) Your own AI client, connected at your choice via the opt-in "Connect to Claude" relay. Not a GenAI Unplugged subprocessor. openai.com/policies/privacy-policy

Note: When you use AI repurposing features, your input text is sent to Google's Gemini API for processing. Google may process this data according to their privacy policy.

Your Rights and Choices

All Users

You have the right to:

These rights are in addition to, and do not replace, the rights described in the GenAI Unplugged master Privacy Policy, Section 7.

To Exercise Your Rights

Email us at [email protected] with your request. Include your license key or order number for faster processing.

International Users

European Economic Area (EEA) - GDPR

If you are in the EEA, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing:

Your GDPR Rights:

Data Controller:
GenAI Unplugged LLC
Email: [email protected]

California Residents - CCPA

If you are a California resident, under the California Consumer Privacy Act (CCPA):

To exercise your CCPA rights, email [email protected].

International Data Transfers

GENAI UNPLUGGED LLC is based in Pennsylvania, USA, and our infrastructure is US-hosted (via Cloudflare's network, which may route traffic globally for performance). By using SubflowAI, you consent to the transfer of your information to:

We ensure appropriate safeguards are in place for international transfers.

Data Retention

Data Type Retention Period
Local notes/drafts Until you delete them
Uploaded images Deleted after posting to Substack (typically within minutes)
License validation cache 30 days
Usage logs 30 days
Repurposed text sent to AI worker / Gemini Not retained by us beyond the request; see Google's own retention policy for Gemini-side handling
Relay pairing tokens Short-lived, single-use (minutes)
Relay channel/connection state Duration of your active relay session; cleared on disconnect
Relay command audit rows 90 days
Payment records Handled by Lemon Squeezy per their policy

Children's Privacy

SubflowAI is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children.

If you believe a child has provided us with personal information, please contact us immediately at [email protected] and we will delete it.

Cookies and Tracking

SubflowAI does not set its own tracking or advertising cookies.

To interact with Substack on your behalf (for scheduling, Analytics, Subscriber Signals, and the optional "Connect to Claude" relay), SubflowAI reads your existing substack.sid session cookie — the cookie Substack itself sets when you log in — using Chrome's chrome.cookies API. This is your own Substack session cookie, not a cookie SubflowAI creates. It is used locally in your browser to authenticate requests to Substack and is never transmitted to or stored on SubflowAI's servers, including during relay use.

Our website (genaiunplugged.com) may use cookies for basic functionality. See our website's cookie policy for details.

Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will:

  1. Investigate and contain the breach
  2. Notify affected users within 72 hours (where required by law)
  3. Report to relevant authorities as required
  4. Take steps to prevent future breaches

Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

We encourage you to review this policy periodically.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data:

GenAI Unplugged LLC
Email: [email protected]
Location: Pennsylvania, USA
Master Privacy Policy: genaiunplugged.com/privacy

We aim to respond to all inquiries within 48 hours.

Summary

Question Answer
Do you sell my data? No, never.
Can you see my notes? No, they're stored locally on your device.
What do you store on your servers? License validation, AI usage counts, uploaded images (temporarily), and — only if you opt in to the "Connect to Claude" relay — short-lived pairing tokens, relay connection state, and 90-day command audit rows.
Does my Substack data ever touch your servers? Only if you opt in to the "Connect to Claude" relay. In that case, requested data transits our server in real time but is not stored there. With the relay off (the default), Analytics/Subscriber Signals data never reaches our servers.
What happens to my uploaded images? Deleted automatically after posting to Substack.
How long do you keep data? Most logs are deleted after 30 days; relay command audit rows are kept 90 days.
Can I delete my data? Yes, uninstall the extension or contact us.
Is my data encrypted? Yes, in transit and at rest.
By using SubflowAI, you agree to this Privacy Policy, which is supplemental to the GenAI Unplugged master Privacy Policy.