Privacy Policy

1. Your Personal Workspace

We believe your browsing environment should remain under your control while enabling powerful AI assistance. Dex, our privacy-first AI assistant, processes only the minimal data necessary to deliver intelligent, contextually-aware responses that enhance your productivity.

When you interact with Dex, only data relevant to your specific request (like your question or current tab context) is briefly sent to our servers and securely transmitted to our certified AI partners solely to generate your response. Our AI partners are contractually prohibited from storing or training models on your data once processing is complete.

2. Information We Collect

Personal Information We Collect

Personal information you provide to us directly

• Contact and account credentials, such as your name, email address, and password when you sign up for an account or request information about our Services.
• User-Provided Content (Inputs/Prompts): When you interact with the AI agent, we collect the data, text, files, images, or other content you submit to the agent (“Inputs”). These Inputs are determined solely by you and may, at your discretion, include personal or sensitive information (such as names, contact details, or other identifiers). Like a web browser or search engine, the AI agent does not filter content or Inputs. We do not require or encourage the inclusion of sensitive data in Inputs, and you are responsible for ensuring that any Inputs comply with applicable laws. When providing Inputs, please be respectful of the right, including privacy, of others.
• Generated Content (Outputs): Our system processes your Inputs to generate responses (“Outputs”). These Outputs may include, reflect, reproduce, or infer personal information from Inputs, including information related to you or to others.
• Payment information, needed to complete any transactions with us, including your name, payment card details, and billing address. This information is processed by our third-party payment processor, Stripe. Please refer to Stripe's website for more information about how Stripe handles your information.
• Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
• Marketing information, such as your preferences for receiving communications about our Services, and details about how you engage with our communications.
• Third-party Log-in: If you create an account or log into the Services using third-party services, such as Google or GitHub, we will receive your name and email address and/or phone number as permitted by your profile settings on the third-party service in order to authenticate you. The information we receive when you authenticate through a third-party service depends on the settings, permissions and privacy policies of the third-party service. You should always check the privacy settings and notices in the relevant third-party services to understand what data may be disclosed to us or shared with our Services.

Automatic data collection

When you visit, use, or interact with the Services, we automatically log certain information about your visit, use, or interactions. This information includes:

• Usage data, such as how long was spent on the AI agent, usage history, navigation paths, account and profile settings, information about activity on the AI agent, page or screen, access times, and duration of access, and whether marketing emails were opened or links within them clicked.
• Device data, such as the computer or mobile device's operating system type and version, manufacturer and model, browser type, screen resolution, device type (e.g., phone, tablet), IP address, unique identifiers, language settings.
• General location information, such as city, state or geographic area. We may determine the general area from which your device accesses our Services based on information like its IP address for security reasons and to make your product experience better, for example to protect your account by detecting unusual login activity or to provide more accurate responses.
• Cookies and similar technologies: We and our third-party providers use cookies, local storage, and other similar technologies to collect information automatically. These technologies may store information on your device to remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
• Browsing activity data: When enabled, Dex may process your browsing activity — including page URLs, titles, and content — to generate personalized memories and contextual information. This data is used to provide features such as intelligent search, personalized responses, and proactive suggestions. This feature is off by default and only active when you enable it. You can disable it at any time through your settings, and you can view, edit, or delete any stored memories from your dashboard. Browsing activity from Incognito sessions is never collected or stored.

3. Chrome Extension

Dex is delivered as a Chrome browser extension. This section describes how the extension interacts with your browser, the protections we have in place, and how you stay in control.

Browser Memory (Beta, Opt-In)

Browser memory lets Dex remember useful details from your web browsing to provide better responses and suggestions, while maintaining privacy and user control. Browser memory is off by default and only activates when you opt in during setup or in Settings > Memory or Settings > Proactive Suggestions.

• When you opt in, Dex processes browsing activity to build personalized memories and contextual awareness.
• Web content and browser actions are sent to our servers, summarized by our AI providers, and used to create or update your browser memories.
• Raw web content is deleted after processing. Privacy-filtered summaries are retained as memories until you delete them.

Safety & Privacy Filters

We apply multiple layers of protection to keep sensitive information out of your browser memories:

• Sensitive data filters: We apply privacy and sensitive data filters designed to exclude personally identifiable information (such as government IDs, SSNs, bank account numbers, online credentials, and addresses), medical records, and financial information from memories.
• Blocked sites: Dex blocks memory creation on certain sensitive website categories, including banking and financial services, healthcare portals, and adult content sites.
• Action confirmations: Dex asks for your explicit confirmation before taking potentially sensitive actions such as making purchases, submitting forms, or modifying account settings.
• Incognito protection: Dex does not save chat history or access memory in incognito mode.

Your Controls

You have full control over what Dex remembers and how it interacts with your browser:

• Turn it off: Enable or disable browser memory at any time in Settings > Memory or Settings > Proactive Suggestions.
• View your memories: See everything Dex remembers in Knowledge > Memories.
• Delete memories: Remove individual memories or clear all browser memory at any time.
• Block sites: Prevent specific sites from being used for memory in your privacy settings.
• Disconnect integrations: Remove connected apps or delete your data entirely at any time.

What We Do Not Collect

• Browsing activity when browser memory is disabled (the default)
• Any data from incognito sessions
• Passwords, credentials, or form autofill data
• Content from sites you have blocked in privacy settings

4. How We Use Personal Information

We use personal information for the following purposes:

To operate our Services

We use Inputs, including any personal information in them, to provide, operate, maintain, and secure our Services in accordance with our Terms of Service. This includes using your personal information to:

• Create, maintain, and administer your account on the Services and manage your subscriptions, transactions, and payments.
• Provide the features of the Services you use.
• Processing your Inputs to complete tasks such as filling out forms or placing orders.
• Communicate with you about our Services, including by sending you announcements, updates, security alerts, and support and administrative messages.
• Respond to your requests, questions, and feedback.
• Processing browsing activity data to build memories and contextual awareness that enable personalized, relevant responses to your queries.

To develop and improve our Services

It is in our legitimate business interests to improve and keep our Services safe for our users, which includes:

• Better respond to your queries
• Personalize your experience and remember your preferences
• Send you technical notices and support messages
• Detect, prevent, and address technical issues or abuse
• Comply with legal obligations
• Product Development: To identify opportunities for new features or products and to enhance the performance of our AI agent.

5. How We Disclose Personal Information

• Service providers: Your data—including Inputs and Outputs—may be disclosed to third-party providers of artificial intelligence and large language model (LLM) that power our Services. We disclose personal information to service providers that help us operate the Services, such as hosting services, cloud services, information technology services, email communication software and email newsletter services, marketing services, payment processors, user relationship management and user support services, and web analytics services.
• Professional advisors: We may disclose personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
• For compliance, fraud prevention and safety: We may disclose personal information for the compliance, fraud prevention, and safety purposes described above.
• Business transfers: We may sell, transfer or otherwise share some or all of our business or assets, including personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.

6. Your Rights & Choices

Depending on your location, you may have the following rights:

• Access, correct, or delete your personal data
• Object to or restrict certain processing activities
• Data portability — receive your data in a structured format
• Withdraw consent at any time for consent-based processing
• Lodge a complaint with your local data protection authority

To exercise these rights, contact us at privacy@thirdlayer.inc

7. Data Retention

We retain personal information for as long as necessary in order to provide our Services to you, or for other legitimate business purposes such as resolving disputes, safety and security reasons, or complying with our legal obligations.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information (such as whether we need to retain the data to provide our Services), and whether we can achieve those purposes through other means, and the applicable legal requirements.

8. Data Security & Encryption

We use commercially reasonable technical and organizational measures to protect your data. However, no internet transmission is 100% secure.

All data transmitted between your device and our servers is secured using TLS 1.2 or higher. Data stored on our infrastructure is encrypted at rest using 256-bit AES encryption.

Access to personal data is restricted to authorized personnel who require it for operational purposes. All access is protected by multi-factor authentication and is logged for auditing.

9. Children's Privacy

Our Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately and we will delete it.

10. Changes To This Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the website. If you are a registered user, we will notify you using the email address you gave us when you signed up if we make material changes made to the Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: