"We respect your privacy" is on every landing page, including this one. The honest version is more specific: it tells you where your words go, who touches them, and what is kept. So here is the exact route your text takes when you ask an AI tool to fix it.

When you highlight a sentence and ask for a correction, that text has to reach a language model somewhere and come back. The interesting question is not whether it travels, but who sits in the middle of that trip. Every party in the path is a party that could, in principle, keep a copy.

The two common routes

Most writing tools use one of two architectures. They look identical from the outside and are very different underneath.

Route A: through the tool's own servers

Your text goes to the tool's backend first, which then calls the AI provider on your behalf. Convenient, because you never manage a key. The catch is that the tool now handles your raw text, and its logs, retention, and training policies are what actually protect you.

Route B: straight to the model

Your text goes from your browser directly to the AI provider you chose, using your own key. The tool never sees the content at all. Fewer parties in the middle means fewer places a copy can live.

Privacy is not a promise. It is a list of who touches your text, and that list should be as short as possible.

How to read a privacy claim

Instead of trusting the headline, ask four concrete questions. The answers tell you almost everything.

  1. Who receives the raw text? Just the model, or the tool's servers too?
  2. Is it logged? Kept for debugging, analytics, or "quality"?
  3. Is it retained? Deleted right after the fix, or stored for days?
  4. Is it used for training? Your words feeding a future model is the quiet default in more products than you would guess.

What a minimal path looks like

The shortest honest path has your browser talk to the provider and nobody else. Conceptually, the request is this simple:

POST https://api.provider.com/v1/fix
Authorization: Bearer <your-own-key>

{
  "text": "i wanted to discus the projet timeline",
  "task": "fix spelling and grammar, keep the voice"
}

The key belongs to you. The request leaves your browser and lands at the provider. The corrected text comes straight back. No intermediate server reads the body, because there is no intermediate server. That is the design worth looking for.

How Prose handles it

Prose is built around Route B. When you bring your own API key, your text goes directly to OpenAI, Anthropic, or Google, and Prose is never in the loop. The key itself is stored only in chrome.storage.local, a sandboxed area other extensions cannot read.

  • No logs. Prose does not record the text you fix.
  • No storage. The sentence is not kept after the fix returns.
  • No training data. Your words never become someone's dataset.

If you prefer not to manage a key, Prose credits route the request without retaining the content. Either way, the list of parties who touch your text stays as short as the task allows. The full detail lives in the privacy policy.


The takeaway is not "trust Prose". It is: ask any tool where your text goes, count the hands it passes through, and prefer the shortest path. For why a correction should never quietly become a rewrite, read fix, do not rewrite.