What Data We Collect and How We Use It
This is the short, plain-English version of how data flows through The GAiGE. It's written so admins can answer their team's questions confidently — and so you can paste relevant sections into an internal comms email when you roll the platform out.
The one-sentence summary
We collect short structured answers your team gives in pulses, plus the basic account info needed to log in — and that's it. We never read the contents of the AI tools your team uses, never share data with anyone else, and never use it to train AI models.
What we collect from your team — pulse responses
When someone answers a pulse via the Chrome extension, we receive:
- The answers they chose — yes/no, time-saved bucket, areas helped, satisfaction rating, free-text comment if they leave one
- Which tool the pulse was about (e.g. ChatGPT)
- When they answered (timestamp)
- Their user ID — pulses are attributed, not anonymous (more on this below)
That's the entire pulse payload. We don't capture the page they were on, anything they typed into the AI tool, the conversation they were having, or any other browser activity.
What we collect about your account
When someone signs up or is invited:
- Email address and name
- Their role (Owner, Admin, Group Leader, Member) and which groups they're in
- Their time zone (so reports show their data correctly)
- Authentication tokens (handled by Clerk — we don't store passwords)
- Last-active timestamp (so admins can see who's been around)
We don't ask for or collect: phone numbers, addresses, dates of birth, payment details (those go directly to Stripe), or any other personal information beyond email and name.
Information you (the admin) supply about your tools
This isn't really collected — you enter it — but it lives in our database and shapes the reports:
- The AI tools your org uses, their websites, and their per-seat costs
- Your blended hourly rate and currency
- Which users are assigned to which tools
This data is used only for your org's reporting and is invisible to anyone outside it.
What the Chrome extension can and can't see
The extension is granted minimal Chrome permissions:
- Access to your configured AI tool websites — needed to know when to inject a pulse popup
- Local storage — caches pulse questions and pending answers offline
- Alarms — schedules when pulses can next fire
It deliberately does not:
- Read or transmit the content of any page (your prompts, conversations, generated output — none of it leaves your browser)
- Touch sites that aren't on your tool list
- Store credentials for AI tools
- Track browsing history
- Communicate with any third party — only the GAiGE API
A long-lived API token signs the extension in to your account. The token is stored hashed in our database; only the original device can use it.
Who can see what (within your org)
Every query in the platform is scoped to your organisation, and within that, scoped by role:
| Role | Can see |
|---|---|
| Owner | All data across the org, plus billing |
| Admin | All data across the org |
| Group Leader | Aggregate + individual data for the groups they lead, plus their own data |
| Member | Only their own data (their pulses, their feedback) |
So a Member sees only what they personally answered — never their colleagues' data. A Group Leader sees their team but not other teams. Only Owners and Admins see the whole organisation.
Why responses are attributed (not anonymous)
In MVP, every pulse is linked to the user who answered it. We picked this for two reasons:
- Responses are visible to that user themselves — so they can review their own data, see their personal time-saved estimates, and request deletion if they want to
- Group Leaders can identify training opportunities — when someone says "I don't know how to use it", the leader can offer help
It does mean Members can't answer with full anonymity, and we communicate this clearly in the extension prompt. Anonymous mode is on the post-MVP roadmap for orgs that need it.
Where the data lives
- Database — PostgreSQL on AWS RDS in the Sydney region (ap-southeast-2)
- File storage — AWS S3, same region
- Authentication — Clerk (US-hosted; GDPR/Australian Privacy Act compliant)
- Payments — Stripe (encrypted at the edge; we never see card data)
- Logs and metrics — AWS CloudWatch, same region
All transit is TLS-encrypted. Data at rest is encrypted using AWS-managed keys.
What we don't do
Important things we make a point of not doing:
- We do not sell, share, or rent data to third parties
- We do not use your data to train any AI models — ours or anyone else's
- We do not read page content from the AI tools your team uses
- We do not combine your data with other organisations' data without explicit consent
- We do not send your data to advertising networks
How to delete data
- A single user's data — Deactivate the user in the platform. To fully remove their pulse history too, request deletion via the GDPR endpoint (Settings → Privacy in a future release; for now, contact support).
- Your entire organisation — Cancel your subscription, then request org deletion. We hard-delete within 30 days; backup retention is up to a further 30 days.
Sharing this with your team
Here's a paragraph you're welcome to paste into an internal email when you roll out The GAiGE:
We're rolling out a tool called The GAiGE to help us understand which AI tools are actually saving us time and which aren't paying off. You'll see short popups (10 seconds) when you visit AI tool websites — answer them honestly, including if a tool wasted your time. Your individual answers are visible to you, your team lead, and the admin team. They're not anonymous, but they're also not used for performance reviews — we use them in aggregate to make smarter decisions about what we pay for and where to invest in training. The platform doesn't read anything you type into the AI tools themselves; only the answers you give in the pulse popups. Privacy details are at [link to your internal privacy page].
Related: How user data is handled · Survey responses are attributed (not anonymous) · GDPR data deletion requests · User roles explained