Effective date: 24 March 2026 · Last updated: 24 March 2026
iTeri Pty Ltd ("iTeri", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the iTeri Chrome extension and related services (the "Service").
We designed iTeri with a privacy-first architecture. We do not store your website credentials, we do not sell your data, and we minimise the information we collect to what is necessary to provide the Service.
By using the Service, you consent to the practices described in this Privacy Policy. This Policy should be read alongside our Terms & Conditions.
iTeri Pty Ltd (ABN 57 662 920 238) is a company registered in New South Wales, Australia. We are the data controller for the personal information collected through the Service.
For privacy-related enquiries, contact us at info@iteri.ai.
| Data Type | Details | Purpose |
|---|---|---|
| Account information | Name, email address, authentication credentials (via Google OAuth / AWS Cognito) | Account creation & authentication |
| Payment information | Processed and stored exclusively by Stripe; we receive only a transaction reference and last four digits of your card | Credit purchases & billing |
| User preferences | Configuration settings, notification preferences, confirmation gate preferences | Personalising the Service |
| Support communications | Emails, feedback, and support requests you send us | Responding to enquiries & improving the Service |
| Data Type | Details | Purpose |
|---|---|---|
| Usage data | Feature usage, credit consumption, session duration, action types | Service operation, billing & analytics |
| Device & browser info | Browser version, operating system, screen resolution, extension version | Compatibility, debugging & support |
| Error & diagnostic data | Crash reports, error logs, performance metrics | Maintaining & improving reliability |
We use the information we collect for the following purposes:
We will not use your personal information for purposes materially different from those described here without your consent.
When you instruct iTeri to interact with a web page, the extension processes the page's DOM (Document Object Model) — the structured content of the page. This processing occurs as follows:
The compressed page representations may include text content visible on the page, form field labels and structure, link text and navigation elements, and page layout information. If a page you direct iTeri to interact with contains personal information (for example, your bank account dashboard or a social media profile), elements of that information may be included in the compressed representation sent for AI processing.
You should exercise caution when directing iTeri to interact with pages containing highly sensitive information such as banking portals, medical records, or confidential documents. While the data is compressed and transmitted securely, it is processed by third-party AI providers as described in Section 6.
If you use iTeri's messaging integrations (such as WhatsApp relay or Slack integration), message content is processed to enable iTeri to understand and respond to your requests. Message content is transmitted to our servers and to AI providers for processing, but is not persistently stored beyond what is necessary to complete the current interaction. Message relay is provided by Twilio, Inc.; see Section 6.4 for details.
iTeri uses third-party large language model (LLM) providers to power its AI capabilities. When you use the Service, compressed page content and your instructions are sent to these providers for processing. Our current AI providers include:
We may add or change AI providers over time. We will update this section accordingly. We select providers that offer appropriate data handling commitments, but we cannot guarantee how these third parties process data once it leaves our systems. We encourage you to review their privacy policies.
iTeri allows you to connect directly to AI providers using your own API key. When you use this option, your instructions and compressed page data are sent directly from the extension to the AI provider under your own account and agreement — they do not pass through our servers.
In this configuration, iTeri acts solely as the interface facilitating your interaction with the provider. We have no visibility into, and accept no responsibility for, the data processed under your API key. Your use of the provider's services is governed entirely by your own agreement with that provider, and we encourage you to review their data handling and retention policies.
We do not store, log, or transmit your API key to our servers. Your key is held in your browser's local extension storage and is used only to authenticate requests made directly from the extension to the provider.
Stripe, Inc. processes all payments. Your payment card details are collected and stored exclusively by Stripe — they never pass through or reside on our servers. See Stripe's Privacy Policy.
AWS Cognito (Amazon Web Services) provides our authentication infrastructure, including Google OAuth federation. See AWS's Privacy Policy.
If you use iTeri's WhatsApp integration, message relay is provided by Twilio, Inc. Messages sent and received through this integration are transmitted via Twilio's infrastructure. Twilio may retain message metadata and content in accordance with their own policies. See Twilio's Privacy Policy.
We use the Twilio integration solely to relay messages between you and iTeri. We do not persistently store message content on our servers beyond what is necessary to process your current request. However, Twilio's own data retention policies apply to data processed through their platform.
We may use additional third-party services for analytics, error tracking, or communication. We will not share your personal information with third parties for their own marketing purposes.
Our servers are hosted on Amazon Web Services (AWS). Account data and service infrastructure are primarily hosted in the Asia Pacific (Sydney) ap-southeast-2 region. However, data sent to third-party AI providers may be processed in other jurisdictions (see Section 12).
We implement appropriate technical and organisational measures to protect your information, including:
While we take reasonable steps to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
We retain your personal information only for as long as necessary to fulfil the purposes described in this Policy:
When data is no longer required, it is securely deleted or de-identified.
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), you have the following rights in relation to your personal information:
To exercise any of these rights, contact us at privacy@iteri.ai. We will respond within 30 days.
If you are located in the European Economic Area or the United Kingdom, you may also have rights under the GDPR / UK GDPR including the right to data portability, the right to restrict processing, and the right to object to processing. If these rights apply to you and you wish to exercise them, please contact us.
The iTeri Chrome extension uses browser local storage and Chrome's extension storage APIs to save your preferences, authentication tokens, and session state. This data is stored locally on your device and is necessary for the Service to function.
Our website (iteri.ai) may use cookies for:
We do not use advertising or tracking cookies. You can control cookie preferences through your browser settings.
The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected information from a child under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us at privacy@iteri.ai.
While our primary infrastructure is hosted in Australia, your information may be transferred to and processed in other countries when it is sent to third-party AI providers (such as Anthropic and OpenAI, whose infrastructure is primarily located in the United States).
Where personal information is transferred outside Australia, we take reasonable steps to ensure that the recipients of your information comply with privacy obligations that are at least substantially similar to the Australian Privacy Principles, in accordance with APP 8.
By using the Service, you acknowledge and consent to the transfer and processing of your information in jurisdictions outside Australia as described in this Policy.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by email or through the Service at least 14 days before the changes take effect.
We encourage you to review this Policy periodically. The "Last updated" date at the top of this page indicates when the Policy was most recently revised.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
iTeri Pty Ltd
Privacy Officer
Email: privacy@iteri.ai
Sydney, New South Wales, Australia
If you are not satisfied with our response to a privacy concern, you may contact the Office of the Australian Information Commissioner.