Privacy Policy
Last updated: June 15, 2026
Quick Privacy Summary
Privacy shaped how Fenly was built from the start. Here are the key facts:
- ✓No data selling. We never sell, rent, or trade your personal data to third parties or data brokers.
- ✓No text storage. Your translation text is processed in real time and immediately discarded - we never store the content of your translations on our servers (unless you explicitly enable server-side history on Pro/Team, or explicitly save a word to your Subtitle Dictionary).
- ✓Sensitive fields are never translated. Passwords, credit card data, OTP codes, government IDs, phone numbers, and other sensitive input fields are automatically detected and excluded from translation - their content never leaves your device.
- ✓Minimal data collection. We collect only what is necessary: email, character usage, and standard technical data to maintain and improve the Service.
- ✓AI processing. When you translate, the text you submit is sent over an encrypted connection to Google's servers (Gemini API) for processing. Google processes the text solely to return a translation and is contractually prohibited from using your data to train their models. See Google's API Terms for details.
- ✓Extension stays local. All browser extension settings, local translation history, and preferences are stored entirely on your device and are never transmitted to our servers or any third party.
- ✓Account & data deletion. You can request deletion of your account and all associated data at any time by contacting support@fenly.me. Deletion is completed within 30 days.
1. Introduction & Data Controller
Fenly ("we," "our," or "us") operates the Fenly browser extension and the website located at fenly.me (collectively, the "Service"). This Privacy Policy describes how we collect, use, store, and share information when you use our Service. By using Fenly you agree to the practices described in this policy.
The data controller responsible for data processing pursuant to the General Data Protection Regulation (GDPR) and other applicable data protection laws is:
"Personal data" means any information relating to an identified or identifiable natural person, as defined in Art. 4(1) GDPR.
2. Information We Collect
2.1 Account Information
When you create an account we collect your email address and name (optional). Your password is hashed with bcrypt before storage and is never stored in plain text.
2.2 Translation Data
When you use the translation feature we process the source text you submit and the translated result. This includes text from selected text, input fields, and chat messages on supported platforms (e.g., Discord). It also includes the captions of a YouTube video when you enable subtitle translation (see section 2.12); subtitle translations are processed in real time and are never written to server-side translation history, on any plan. For users on paid plans (Pro and Team), translation history - including original text, translated text, source and target languages, translation style, and character count - may be stored on our servers if the "Save history to server" option is enabled. Free plan users' translation history is stored exclusively within the browser extension's local storage and is never sent to our servers.
2.3 Usage Data
We track the number of characters translated per billing period to enforce plan usage limits. We also log the number of translation requests for rate-limiting and abuse-prevention purposes. We do not read or analyze the content of your translations for advertising, profiling, or any purpose other than providing the translation.
2.4 Payment Information
Payments are processed by third-party providers: Paddle (card payments) and NOWPayments (cryptocurrency payments). We do not directly store your full payment card numbers. Our payment providers handle all sensitive financial data in accordance with their own privacy policies and PCI DSS requirements. We store only the transaction identifiers and subscription status necessary to manage your account.
2.5 Extension Settings
Your extension preferences - such as target language, translation style, excluded sites, hotkey configuration, and interface language - are stored locally in your browser via the browser's built-in synchronized storage. These settings are not transmitted to our servers.
In addition, the extension stores certain per-component preferences in your browser's localStorage. These include independently selected target languages for the text-selection popup and the input-field translation button, the user's preferred UI theme (light/dark), and temporary snooze or disable states for individual translation components. This data remains on your device, is not transmitted to our servers or any third party, and can be cleared at any time by clearing your browser's site data or uninstalling the extension.
2.6 Account Recovery & Security Data
When you request a password reset, we send a single-use, time-limited recovery link to your registered email address. The recovery process involves short-lived authentication tokens that are exchanged securely on our servers and are not stored beyond the duration of the reset session. We do not log or retain the content of your new password - it is hashed before storage. Email verification codes during registration are also single-use and expire shortly after issuance.
2.7 AI-Generated Content
When you use the translation or text-to-speech features, your source text is sent to third-party AI providers (currently Google AI) for processing. This applies to all translation sources - selected text, input fields, chat messages from supported platforms, and, when you enable subtitle translation on a YouTube video, that video's existing captions (the on-screen subtitle text already published with the video). For subtitle translation, the caption text for the segment you are watching is sent to the AI provider in real time to produce the translated subtitle line; we do not send the video's audio, and we do not store the original or translated caption text on our servers (see section 2.12 below). These providers process your text in real time to generate translations or audio and do not retain your content beyond the duration of the request. Fenly does not control the behavior, output quality, or accuracy of third-party AI models. AI-generated translations and audio are provided "as is" - see our Terms of Service for full disclaimers regarding AI output.
2.8 What We Do NOT Collect
We believe in radical transparency. Here is what we explicitly do not collect:
- ✕Your general browsing activity or keystrokes - we only process the specific text you intentionally send for translation
- ✕Passwords in plain text - all passwords are hashed with bcrypt before storage
- ✕Financial information beyond what is required for payment processing (handled by Paddle/NOWPayments)
- ✕Location data, GPS coordinates, or geolocation
- ✕Contacts, photos, files, or any data from other apps on your device
- ✕Browsing history or behavior across other websites (except the specific page content you select for translation)
- ✕Any data from minors under 13
We collect only the minimum information necessary to provide and improve the Service.
2.9 Sensitive Field Protection
The Fenly browser extension automatically detects and excludes sensitive input fields from translation on any website you visit. When a field is identified as sensitive, translation controls are not displayed for it and no content from that field is sent to our translation service or any third party. This detection runs entirely in your browser before any network request is made.
Field categories that are automatically excluded include:
- •Password fields (
input type="password") - •Credit card and debit card fields: card number, CVV/CVC, expiration date, cardholder name
- •Email addresses and phone numbers in form inputs
- •One-time codes, PIN codes, and verification codes (OTP, 2FA, SMS codes)
- •Government identifiers: passport numbers, tax IDs, driver's license numbers, social security numbers
- •Cryptocurrency wallet addresses
- •Personal identifiers in structured forms: full name, postal code, address components
- •Any text field located inside a form that also contains a password field (common in login and signup flows)
Detection uses multiple signals, including HTML input type, ARIA roles, inputmode and autocomplete attributes, field labels, placeholder text, parent container context, and maximum length constraints. While this protection is designed to cover the vast majority of sensitive fields, detection relies on heuristics and cannot guarantee one hundred percent coverage across every website implementation. You remain in control: you can also add any website to the extension's Excluded Sites list via the extension options to disable Fenly entirely on that site.
2.10 Saved Words (Subtitle Dictionary)
The Subtitle Dictionary lets you look up the meaning of a word or short phrase while watching videos and save it to a personal library for later review. Saving is an explicit action you take for each individual word. When you save a word, we store - in your account on our servers, so you can review it from the dashboard on any device - only the word, its base (dictionary) form, part of speech, the definition and an example sentence, the languages involved, and the time it was saved. This feature is available on all plans (Free, Pro, and Team).
We deliberately do not store which video the word came from or the surrounding subtitle text - only the word and its definition. When you look up a word, the selected text and the surrounding subtitle line are sent to our AI provider in real time to determine the correct meaning, exactly as described for translations in sections 2.2 and 2.7; this surrounding context is not retained by us.
You can remove any saved word, or clear your entire library, at any time from Dashboard → Subtitle Dictionary; doing so permanently deletes it from our servers. Saved words are retained until you delete them or close your account.
2.11 Feedback & Support Correspondence
When you send in-app feedback or contact support, we process the message you write and, if you choose to provide it, the email address you leave so we can reply. If you submit feedback about subtitles from within the extension, the form may let you optionally attach the URL of the video you were watching so we can reproduce the issue; if you choose to include it, that URL is stored as part of your feedback message and sent to our support team. Providing an email is optional - feedback can be submitted anonymously. If you do provide it, we use it solely to respond to and follow up on that specific feedback or request, under our legitimate interest in supporting our users (Art. 6(1)(f) GDPR). We do not add it to any marketing list.
This correspondence is handled through our support mailbox and our email delivery provider (Resend), and is retained only as long as needed to resolve your request and keep a reasonable record of support history. You can ask us to delete it at any time by contacting support@fenly.me.
2.12 Subtitle Translation
When you turn on subtitle translation for a YouTube video, the extension reads the captions the video already provides and sends each segment to our AI provider in real time to produce the translated subtitle, exactly as described in sections 2.2 and 2.7. We do not store the original or translated caption text on our servers - it is processed in real time and discarded.
To operate the feature and enforce plan limits we do store usage metadata: a video reference (the YouTube video ID, in the form youtube:<id>) and the number of seconds you watched with subtitles enabled, linked to your account (and your team, on Team plans). Subtitles are billed in watched time - a separate budget from translation characters and text-to-speech - so this counter is what we measure against your plan's subtitle allowance. On the Free plan, the video reference is kept so that re-watching a video you have already used does not count as a new one. We never store the caption content itself. On error or anomaly paths only, our application logs may record your account identifier and the video reference for diagnostics; these are operational logs, not stored content. These usage records are deleted when you delete your account.
2.13 Anonymous Usage Without an Account
You can try a limited amount of text translation (typing-and-translate and select-and-translate) without creating an account. To make this possible we use a random device identifier: when you first translate without signing in, the extension generates a random value and stores it locally in your browser. It is not your name, email, or any account data, and it is not a device fingerprint - it is a random token you can reset at any time by clearing the extension's storage or reinstalling it.
When you make an anonymous translation, that identifier is sent to our backend, where we store only a one-way hash of it (never the raw value) together with a count of how many free translations the device has used, solely to enforce the small free allowance for unregistered users. To stop abuse of that allowance (for example, resetting the identifier to obtain unlimited free use), we also keep a short-lived daily counter keyed to a truncated form of your network address (an IP /24 prefix for IPv4, /64 for IPv6 - never your full IP address). We do not use either signal for advertising, profiling, or cross-site tracking, and this anonymous data is not linked to any account.
Lawful basis. Storing and reading this identifier on your device is strictly necessary to provide the no-account translation you explicitly requested (Art. 5(3) ePrivacy Directive - strictly-necessary exemption), so it requires no separate cookie/consent opt-in. The related server-side processing (the hashed identifier, the usage count, and the truncated-network abuse counter) relies on our legitimate interest in offering a free trial and protecting it from abuse (Art. 6(1)(f) GDPR). Device counters are pruned after a period of inactivity and the per-network daily counters expire each day. If you create an account, your registered plan limits apply instead.
3. How We Use Your Information
- •Providing the Service: processing translations, generating text-to-speech audio, authenticating your account, and managing your subscription.
- •Usage Enforcement: tracking character usage to apply plan limits and prevent abuse.
- •Product Analytics & Improvement: we measure how features are used (e.g., translations per day, popular language pairs, document-translation success rates) to improve performance and reliability. Website analytics that store cookies or data on your device run only after you consent via the cookie banner. We also send server-side product-usage events keyed to your account identifier (a pseudonymous identifier) under our legitimate interest — these set no cookies and store nothing on your device. You can object to server-side product analytics at any time in Dashboard → Settings → Privacy & Cookies.
- •Document Translation Logging: when you translate a document while signed in, we store technical metadata about each translation — file format, character and unit count, source and target language, success/partial/failure status, coverage percentage, and duration — linked to your account (and your team, on Team plans). We never store the document's content or its filename. This supports operating the feature, enforcing plan limits, diagnosing failures, and product analytics, under our legitimate interest (Art. 6(1)(f) GDPR). These records are deleted when you delete your account.
- •Subtitle Translation Logging: when you use subtitle translation on a YouTube video, we store usage metadata about each watched video — a video reference (the YouTube video ID) and the number of seconds watched with subtitles enabled — linked to your account (and your team, on Team plans). We never store the caption text or its translation. This supports operating the feature, enforcing your plan's subtitle allowance, diagnosing failures, and product analytics, under our legitimate interest (Art. 6(1)(f) GDPR). These records are deleted when you delete your account.
- •Communication: sending transactional emails related to your account (e.g., password resets, billing receipts).
- •Marketing (opt-in only): if you explicitly consent, we may send promotional emails about product updates, tips, and offers. You can withdraw marketing consent at any time via Dashboard → Settings → Privacy & Cookies or by clicking "Unsubscribe" in any marketing email.
4. Third-Party Services
To deliver the Service we share limited data with the following third-party providers:
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Database & authentication | Account info, usage data, translation history (if enabled), saved dictionary words (if you save them) |
| Google AI (Gemini API) | Machine translation, text-to-speech, YouTube subtitle translation & Subtitle Dictionary lookups | Source text for translation, translated text for audio generation, a YouTube video's existing caption text for subtitle translation, and the selected word plus the surrounding subtitle line (up to 600 characters) for Subtitle Dictionary lookups. API requests are sent to Google's Generative Language API; request logs (including submitted text) may be visible in the Google AI Studio console and may be retained by Google in accordance with their API Terms. |
| Paddle | Card payments | Email, subscription metadata |
| NOWPayments | Crypto payments | Order amount, plan metadata |
| Resend | Transactional email delivery | Email address (for account verification, password resets, team invites, and replies to feedback or support requests) |
| PostHog | Product analytics (website & server-side) | Cookie-based website analytics and page views (after consent); server-side product-usage events keyed to a pseudonymous account identifier (legitimate interest, no cookies, no device storage) |
Each provider processes data in accordance with their own privacy policy. We encourage you to review those policies independently.
AI-Powered Translation & Audio: Text you submit for translation is sent to Google's Generative Language API for processing. The AI model may apply content safety filters that alter, omit, or refuse to process certain types of content (including profanity, sensitive, or explicit material). We do not control these filters and cannot guarantee the accuracy, completeness, or fidelity of any AI-generated translation or text-to-speech output. You are solely responsible for verifying the suitability of any output before use. Please refer to our Terms of Service for full disclaimer details.
5. Lawful Basis for Processing
We process your personal data under the following legal bases as defined by the GDPR:
| Processing Activity | Legal Basis | GDPR Article |
|---|---|---|
| Account registration & authentication | Contract performance | Art. 6(1)(b) |
| Translation processing & delivery | Contract performance | Art. 6(1)(b) |
| Subscription billing & payments | Contract performance | Art. 6(1)(b) |
| Usage tracking & plan limit enforcement | Contract performance | Art. 6(1)(b) |
| Rate-limiting & abuse prevention | Legitimate interest | Art. 6(1)(f) |
| Anonymous (no-account) free-tier metering & abuse prevention | Strict necessity / Legitimate interest | Art. 5(3) ePrivacy; Art. 6(1)(f) |
| Product improvement & aggregated analytics | Legitimate interest | Art. 6(1)(f) |
| Transactional emails (password reset, billing) | Contract performance | Art. 6(1)(b) |
| Product updates & service notifications | Legitimate interest | Art. 6(1)(f) |
| Replying to feedback & support requests | Legitimate interest | Art. 6(1)(f) |
| Marketing emails & promotions | Consent (opt-in) | Art. 6(1)(a) |
| Cookie-based website analytics (PostHog) | Consent (opt-in) | Art. 6(1)(a) |
| Server-side product analytics (account-identifier events, no device storage) | Legitimate interest (object via Settings) | Art. 6(1)(f) |
| Document-translation usage metadata & logging (no file content) | Legitimate interest | Art. 6(1)(f) |
| Server-side translation history (Pro: opt-in; Team: input always, selection opt-in by owner) | Consent (opt-in) / Legitimate interest (Team) | Art. 6(1)(a) |
| Billing record retention | Legal obligation | Art. 6(1)(c) |
| ToS/Privacy consent audit trail (IP, User-Agent) | Legitimate interest | Art. 6(1)(f) |
Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
6. Data Storage & Security
Your account data and server-side translation history are stored on Supabase-hosted infrastructure with encryption at rest and in transit (TLS). Passwords are hashed using bcrypt with a cost factor of 12. Authentication tokens (JWT) expire after a short period, and refresh tokens are rotated on every use and expire after 7 days.
While we take commercially reasonable measures to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
7. Cross-border Data Transfers
To provide the Service, your data may be transferred to and processed in countries outside your country of residence. In particular:
- •Supabase (database & authentication) - United States
- •Google AI (translation & text-to-speech) - United States
- •Paddle (payments) - United Kingdom
- •Resend (transactional email delivery) - Ireland (EU). As our email processor, Resend receives your email address, email content, and delivery metadata (timestamps, delivery status) solely to deliver account-related emails on our behalf. Resend does not use this data for their own purposes. See Resend Privacy Policy.
- •PostHog (analytics) - European Union
- •NOWPayments (cryptocurrency payments) - Netherlands / Seychelles
These providers maintain their own data protection measures. Where required by law, transfers are covered by Standard Contractual Clauses (SCCs) or equivalent safeguards.
8. Data Retention
- •Account data is retained for as long as your account is active. If you delete your account, we will remove your personal data within 30 days.
- •Inactive accounts: Free plan accounts with no activity for 12 months and no transaction history may be automatically deleted. You will not receive prior notice; to prevent deletion, simply use the Service at least once within any 12-month period.
- •Translation history (server-side) retention depends on your plan:
| Plan | Server History | Notes |
|---|---|---|
| Free | Not stored | History is stored locally in the browser extension only |
| Pro | 90 days | Server-side storage is off by default (opt-in). When enabled, input translations are saved to the server. An additional opt-in toggle controls whether text selection translations are also saved. Disabling cloud sync immediately and permanently deletes all server-stored history |
| Team | 180 days | Input translations are always stored on the server. The team owner controls whether text selection translations are also saved (off by default). Disabling cloud sync immediately deletes history for all team members |
- •Usage data (character counts) is retained for the current billing period and one prior period for billing accuracy.
- •Local extension data (settings, local history) is controlled entirely by you and can be cleared at any time through the extension settings or by uninstalling the extension. The extension stores up to 5,000 translation entries locally; older entries are automatically removed, with favorited translations protected from deletion.
- •Team data: When a Team plan is deactivated (cancelled, expired, or downgraded), all team-related records - including member associations, team usage statistics, pending invitations, and team translation history - are permanently deleted 30 days after deactivation.
9. Your Rights
Under the GDPR and similar data protection laws, you have the following rights regarding your personal data:
- •Right of access (Art. 15 GDPR) - request confirmation of whether we process your data and obtain a copy.
- •Right to rectification (Art. 16 GDPR) - request correction of inaccurate or incomplete personal data.
- •Right to erasure (Art. 17 GDPR) - request deletion of your personal data. You can request account deletion at any time by contacting support@fenly.me.
- •Right to restriction of processing (Art. 18 GDPR) - request that we limit the processing of your data in certain circumstances.
- •Right to data portability (Art. 20 GDPR) - request an export of your data in a structured, machine-readable format.
- •Right to withdraw consent (Art. 7(3) GDPR) - where processing is based on your consent (e.g., analytics cookies, marketing emails, server-side history), you may withdraw consent at any time without affecting the lawfulness of prior processing.
- •Right to object (Art. 21 GDPR) - you may object to processing based on legitimate interest. If we process your data for direct marketing, you have an unconditional right to object.
- •Right to lodge a complaint - you have the right to lodge a complaint with a supervisory data protection authority in your country of residence.
California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
- •Right to know - you may request that we disclose the categories and specific pieces of personal information we have collected, the categories of sources, the business purpose for collecting, and the categories of third parties with whom we share it.
- •Right to delete - you may request deletion of your personal information, subject to certain exceptions (e.g., completing a transaction, security, legal obligations).
- •Right to correct - you may request correction of inaccurate personal information.
- •Right to opt-out of sale/sharing - Fenly does not sell or share your personal information for cross-context behavioral advertising. No opt-out is necessary.
- •Right to non-discrimination - we will not discriminate against you for exercising any of your privacy rights.
To exercise any of these rights (GDPR or CCPA), please contact us at legal@fenly.me. We will respond within 30 days (GDPR) or 45 days (CCPA).
10. Cookies & Tracking
The Fenly website uses essential cookies required for authentication and session management. These cookies are strictly necessary and do not require consent.
We also use local browser storage (localStorage) to store authentication tokens and user preferences. On the website this data remains on your device, is not transmitted to third parties, and is fully cleared when you log out. The browser extension also uses localStorage to persist per-component settings such as independently chosen target languages and temporary disable/snooze states; this data stays on your device and is never sent to our servers.
We also use optional analytics cookies (via PostHog) to understand how the Service is used and to improve the user experience. These cookie-based, on-device analytics are only activated after you give explicit consent through the cookie banner shown on your first visit. The banner controls cookies and analytics stored on your device.
Separately, we run server-side product analytics: usage events sent from our servers to PostHog, keyed to your account identifier. These events set no cookies and store nothing on your device, so they run under our legitimate interest (Art. 6(1)(f) GDPR) rather than cookie consent. They are not used for advertising or cross-site tracking.
You can withdraw your analytics cookie consent — and separately object to server-side product analytics — at any time from Dashboard → Settings → Privacy & Cookies. The browser extension stores authentication tokens locally on your device and does not set or read website cookies.
11. Data Breach Notification
In the unlikely event of a personal data breach, we are committed to acting swiftly and transparently:
- •Within 72 hours of becoming aware of a breach, we will notify the relevant supervisory authority as required by GDPR.
- •Affected users will be notified without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
- •Notifications will include a description of the breach, the data affected, likely consequences, and the measures we are taking to address it.
- •We will provide a dedicated point of contact to answer any questions related to the breach.
If you believe you have identified a security vulnerability, please contact us immediately at legal@fenly.me.
12. Children's Privacy
Fenly is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through the Service. Your continued use of Fenly after changes become effective constitutes acceptance of the revised policy.
14. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please reach us at: