LEGAL · TOKENWATCH

Privacy Policy

Effective date: June 14, 2026 · Brilliant Disruptions, Inc.

TL;DR — The Short Version

We never read, access, or store your Claude conversations or prompts.
We only read UI-level signals: usage-limit banners and activity presence on claude.ai.
The optional CLI integration reads only your usage percentage — no conversation content.
We store your email, display name, group membership, and usage status. That's it.
We don't sell your data. We don't share it with advertisers.

01Who We Are

TokenWatch is a Chrome extension built and operated by Brilliant Disruptions, Inc. ("we," "us," or "our"). It helps teams coordinate their Claude AI usage by surfacing real-time status, handoff queues, and availability forecasts.

Questions about this policy: hello@brilliantdisruptions.com

02What the Extension Does — and Doesn't — Access

TokenWatch never reads your Claude conversations, prompts, or Claude's responses. The extension has no access to the contents of any chat session. It does not inject scripts that capture keystrokes, clipboard data, or message content.

The extension operates on claude.ai and reads only the following UI-level signals:

Usage-limit banners — whether the page is displaying a "limit reached" or "you're approaching your limit" notification (text only; no conversation content).
Activity presence — whether the claude.ai tab is active in your browser (used to determine "active" vs. "idle" status).
Reset countdown text — the time remaining until your Claude usage resets, if shown in the UI.

These signals are used solely to update your status in your team's shared TokenWatch group.

03Claude Code CLI Integration (Optional)

The optional npx tokenwatch-link init command installs a small status-line script locally at ~/.claude/tokenwatch-statusline.js. This script:

Reads your Claude CLI usage percentage from local Claude CLI state.
Sends only that percentage number to TokenWatch servers over HTTPS.
Does not read, transmit, or log any conversation content, prompt text, or Claude output.

The CLI link is established via a one-time cryptographic pairing code displayed in the extension popup. The resulting credential is stored as a SHA-256 hashed device token — the raw key is never persisted after initial issuance.

This integration is entirely optional. The extension functions without it.

04Data We Collect

When you use TokenWatch, we collect and store the following:

Email address — used for authentication (magic link / one-time code). We use Supabase Auth to manage this.
Display name — the name you set when joining, shown to your teammates.
Avatar color — a randomly assigned color used to identify you visually in the popup.
Group membership — which TokenWatch group you belong to and when you joined.
Usage status — your current Claude status (active / idle / limit reached / offline), usage percentage if the CLI is linked, and estimated reset time. This is the core data synced to your team.
Handoff records — when you send or receive a task handoff: sender ID, recipient ID, task description text (up to 500 characters, which you write), status, and timestamps. Task text is visible to the recipient only.
Usage events — session start/end, limit-reached, and reset events. Used for the Weekly Recap feature. No conversation content is logged.

We do not collect: browsing history, conversation content, prompt text, Claude output, keystrokes, clipboard content, or any data from websites other than claude.ai.

05How We Use Your Data

To provide the core product: syncing your status to your team in real-time.
To power the Handoff Queue: routing task descriptions between group members.
To generate the Weekly Recap: aggregating session counts and handoff stats for your group.
To compute the Availability Forecast: projecting team capacity from current statuses and reset times.
To authenticate you and secure your account.
To enforce plan limits (user caps, handoff quotas) as described in our pricing.

We do not use your data for advertising, profiling, or sale to third parties.

06Data Sharing

We share your data only in these limited circumstances:

Your team group — your display name, avatar color, and usage status are visible to members of your TokenWatch group. This is the core function of the product.
Supabase — our database and authentication provider. Data is stored in Supabase infrastructure. Supabase's privacy policy applies to their handling of infrastructure-level data.
Stripe — if you subscribe to a paid plan, billing is processed by Stripe. We share your email and group ID with Stripe. We never see or store card numbers.
Legal requirements — we may disclose data if required by law, court order, or to protect the rights or safety of users.

We do not sell, rent, or share your data with advertisers, data brokers, or any third party for commercial purposes.

07Data Retention

Usage status — updated in real-time; historical status is not retained beyond what is needed for the current session.
Handoff records — retained for 7 days (Free), 90 days (Pro), 1 year (Team), or indefinitely (Studio/Enterprise), per your plan.
Usage events (for Recap) — retained for 24 hours (Free), 30 days (Pro), 1 year (Team), or indefinitely (Studio/Enterprise).
Account data (email, display name) — retained until you delete your account.

You can delete your account at any time from the Settings panel in the extension. Account deletion removes your email, display name, group membership, and all associated records within 30 days.

08Chrome Extension Permissions

TokenWatch requests the following Chrome permissions and uses them as described:

host_permissions: https://claude.ai/* — required to run the content script that reads usage-limit banners and activity status on claude.ai. No other sites are accessed.
storage — stores your authentication session, display name, group ID, and cached recap data locally in chrome.storage.local. This data stays on your device and is also synced to Supabase for real-time team sharing.
alarms — schedules the Monday 8am local-time alarm that pre-generates the Weekly Recap in the background.
notifications (optional, on-demand) — shows a Chrome notification when you hit your Claude limit and a teammate is available to receive a handoff. Requested only when you first trigger a limit event; can be denied without affecting core functionality.

We do not request or use: tabs, history, bookmarks, cookies, webRequest, clipboardRead, or broad host permissions beyond claude.ai.

09Security

All data is transmitted over HTTPS / TLS.
Row-level security (RLS) policies on our Supabase database ensure users can only read data from their own group.
CLI device tokens are stored as SHA-256 hashes — the raw token is issued once and never stored in plaintext.
Pairing codes are generated using crypto.getRandomValues and expire after 10 minutes or a single claim.
We do not store passwords. Authentication is handled via one-time codes sent to your email.

10Children's Privacy

TokenWatch is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

11Your Rights

Depending on your location, you may have rights to access, correct, export, or delete your personal data. To exercise any of these rights:

Use the Settings panel in the extension to update your display name or delete your account.
Email us at hello@brilliantdisruptions.com for any other requests.

We respond to data requests within 30 days.

12Changes to This Policy

We may update this policy as the product evolves. When we make material changes, we'll update the effective date at the top of this page. Continued use of TokenWatch after changes are posted constitutes acceptance of the updated policy.

We will not retroactively apply new data uses to previously collected data without your consent.

Questions or concerns?

Brilliant Disruptions, Inc.
hello@brilliantdisruptions.com

WE RESPOND WITHIN 24 HOURS.