Bulary

Privacy

Privacy Policy

This page explains how Bulary handles account data, newsletter signups, browser-extension content, and AI-related requests based on the product behavior currently visible in this repository.

Last updated: April 5, 2026

What Bulary collects

Bulary currently collects or processes information you provide during signup and product use, along with technical information needed to operate the service securely.

  • Account and authentication data, such as your email address and the credentials needed to sign in through our auth provider.
  • Profile and onboarding data, such as your display name, phone number, browser choice, goals, and newsletter preference.
  • Newsletter signup data, including the email address you submit and bot-verification information from Cloudflare Turnstile.
  • Extension content you choose to save or process, including saved page URLs, highlighted passages, generated notes, note metadata, and AI mode selections.
  • Service and security metadata, such as quota usage, request identifiers, IP-related request headers, and operational logs used to protect the product and investigate abuse.

How Bulary uses that information

  • To create and secure your account, verify ownership of your email address, and keep you signed in.
  • To personalize onboarding and profile preferences inside the product.
  • To send newsletter and product-update emails when you ask us to.
  • To save websites and notes inside your account when you explicitly use those extension features.
  • To generate AI outputs when you intentionally send highlighted content for processing.
  • To enforce quotas, prevent abuse, debug failures, and maintain service quality.

Extension and AI processing

The Bulary extension is designed to run on normal web pages and can interact with selected page content when you use Bulary features. In the current product flow, Bulary may store selected passages and notes in your account or send selected text to our backend AI route when you ask Bulary to generate an explanation or related output.

The repo also contains privacy guardrails for sensitive browsing contexts, including blocked pages and warning-tier confirmations, but broad extension access still creates a meaningful trust surface and should be understood before installation.

Who Bulary shares data with

Bulary does not describe itself in this repo as selling personal data. We do, however, rely on third-party infrastructure to operate the product.

  • Supabase for authentication, database storage, and backend operations.
  • Cloudflare Turnstile for bot protection on signup and newsletter forms.
  • OpenAI through the configured AI worker path for AI generation requests.
  • Other service providers or authorities when required for security, fraud prevention, legal compliance, or a business transfer.

Retention, deletion, and account state

Bulary's current account model is built around soft delete rather than immediate permanent erasure. That means we may preserve some records needed for account recovery, abuse prevention, entitlement history, or legal/security reasons even after an account is marked unavailable.

A self-service delete flow is not yet exposed in the current public profile UI. If you need help with account deletion, correction, or a privacy request, contact contact@bulary.com.

Your choices

  • You can update parts of your profile information from the account page.
  • You can choose whether to opt into newsletter updates during onboarding.
  • You can ask to access, correct, or delete your data by contacting support.
  • You can uninstall the extension at any time and stop using Bulary features on web pages.

Contact

For privacy questions, data requests, or support, contact contact@bulary.com. You can also visit the Support page for the current contact path.