← back to tilly

privacy policy

last updated: may 22, 2026

what we collect

when you use the tilly website, join the waitlist, or sign into the chrome extension using firebase authentication, we may collect:

• your email address
• your display name
• your profile photo url
• your firebase/google account identifier (uid)
• the referring url and campaign parameters from links that brought you to this site
• basic website analytics such as page views, referral sources, and button clicks

when you use the tilly chrome extension, your saved profile, preferences, memories, and reusable answers are stored locally in chrome extension storage on your device. tilly does not upload your full local profile as an account database.

when you trigger tilly on a page, the extension sends only the context needed to provide the form-filling feature. this may include form labels, field names, placeholders, options, current field values, page title, page url, optional screenshot context, microphone audio, transcripts, and ai prompts or responses related to the current task.

for paid access and usage limits, tilly may process an install identifier, firebase user id, account email, credit balance, usage reservations, stripe customer id, stripe subscription id, subscription status, and selected plan. payment card details are handled by stripe and are not stored by tilly.

how we use your data

we use your information to:

• provide the form-filling and voice assistant features you request
• store local preferences and reusable profile information on your device
• manage waitlist, support, and product update communications
• create checkout and billing portal sessions
• enforce free-trial and paid-plan credit limits
• monitor service reliability, abuse, and security

we do not sell your personal information. we do not use extension data for advertising. tilly does not automatically submit forms for you.

where your data is stored

extension profile data is primarily stored locally in chrome extension storage on your device. website waitlist data is stored in google cloud firestore, managed through firebase. extension account sign-in is handled by firebase authentication. billing and usage metadata is stored in cloudflare d1 and stripe. data sent to tilly's backend is encrypted in transit.

third-party services

we use the following third-party services:

• firebase authentication — for google and email sign-in on the website and chrome extension
• cloud firestore — for storing website waitlist entries
• firebase hosting — for serving this website
• google analytics (firebase analytics / ga4) — for understanding how visitors use this site, including page views, referral sources, and button clicks. no personally identifiable information is sent to analytics.
• cloudflare workers and d1 — for routing extension requests, enforcing usage credits, and storing billing/usage metadata
• openai and anthropic — for ai form analysis, transcription, voice, and response generation when you request tilly's features
• stripe — for checkout, subscription billing, payment processing, and customer portal access

these services process data under their own privacy policies, including google, cloudflare, openai, anthropic, and stripe.

your rights

you can clear local extension data in chrome or by removing the extension. you can request deletion of waitlist, billing metadata, or support records by contacting us at nabilbakour0@gmail.com. some billing records may be retained where required for legal, tax, fraud-prevention, or accounting reasons.

cookies

the website may use firebase authentication local storage and session cookies to manage sign-in state. google analytics (ga4) sets cookies (e.g. _ga, _ga_*) to distinguish unique visitors and track sessions. the chrome extension uses firebase authentication storage for sign-in state and chrome extension storage for local profile data, preferences, install id, onboarding status, and billing status. you can opt out of google analytics by installing the google analytics opt-out browser add-on.

changes to this policy

we may update this policy from time to time. any changes will be reflected on this page with an updated date.

contact

if you have any questions about this privacy policy, contact us at nabilbakour0@gmail.com.