Privacy Policy

Last updated: October 23, 2025

This Privacy Policy explains how SuperSpell, the “Service”, collects, uses, shares, and protects your information. If you have questions or want to exercise your rights, contact privacy@passage.software.

1) Scope and roles

Who we are: Passage Software Ltd., Ditza 1, Tel Aviv, 6811814, Israel, contact@passage.software

SuperSpell is a product by Passage Software. SuperSpell is a spelling assistance add in that works inside third party software, for example Microsoft Word. This policy applies to information we collect through our website, our add in, and related services.

2) What SuperSpell does

SuperSpell helps correct spelling as you type inside compatible hosts, for example Microsoft Word. SuperSpell sends the relevant text to a cloud large language model, LLM, to generate suggestions, then returns the corrected text. SuperSpell requires an active internet connection to function. There is no offline mode.

3) Information we collect

We collect only what we need to provide and improve the service.

• Account data: email address, authentication credentials. We use Firebase Authentication.
• Billing data: handled by Paddle, our merchant of record. We do not store full payment instrument data.
• User content: Text that you choose to process with SuperSpell. These portions are sent to an LLM provider to return improved text. We may retain samples for quality assurance and to provide the service.
• Telemetry and diagnostics: basic event data, for example feature usage, errors, performance metrics, device and app versions, IP address, timestamps.
• Support data: messages you send to support, including optional logs, screenshots, or document snippets you share.

4) How we use information

• Provide and operate the Service, including account creation, authentication, spell checking, and support, based on contract necessity.
• Process payments and manage subscriptions, using Paddle, based on contract necessity and legal obligations.
• Maintain security, prevent abuse, and debug issues, based on legitimate interests and legal obligations.
• Improve the Service, including quality, performance, and user experience, based on legitimate interests. Where required, we will ask for consent.
• Communicate with you, for example service notices, account alerts, and policy updates, based on contract necessity, legitimate interests, or consent where required.

5) AI processing and providers

SuperSpell routes the text you choose to correct to a cloud LLM provider, such as OpenAI or a comparable vendor, to generate improved text. Providers have their own privacy terms. By using SuperSpell, you acknowledge that your inputs and outputs will be processed by those providers under their terms. We instruct providers to use data only to provide the service and we seek to disable training or long term retention where controls exist. Do not send content you are not permitted to share, and avoid sensitive personal data.

6) Sharing and processors

We share necessary data with service and infrastructure providers: - Firebase, Google: authentication and related infrastructure. - Paddle: payments and invoicing as merchant of record. - LLM provider, for example OpenAI or equivalent: text processing to generate improved text. - Hosting, logging, and email providers: to run the service and support. - Authorities, when required by law or to protect rights, safety, and security. - Business transfers, in connection with a merger, acquisition, financing, or sale of assets. - We do not sell personal data. We do not share document content with advertisers.

7) International transfers

We host data on servers located in the European Union. If we transfer personal data outside the European Economic Area, we use appropriate safeguards, for example Standard Contractual Clauses, and we apply technical and organizational measures that provide a level of protection similar to that in the EEA.

8) Security

We use reasonable safeguards such as encryption in transit and at rest, access controls based on role and least privilege, periodic review of access, and monitoring for abuse. No method is perfectly secure. You are responsible for securing your device and host environment.

9) Your rights

Subject to applicable law, you may have the right to:

• Access your personal data.
• Correct incomplete or inaccurate data.
• Request deletion of your data.
• Restrict processing of your data.
• Receive a copy of your data in a portable format.
• Object to processing based on legitimate interests or direct marketing.
• Withdraw consent at any time where processing relies on consent.

To exercise these rights, contact privacy@passage.software.

10) Third party platforms and links

The Service runs inside third party software, for example Microsoft Word. Those platforms have their own terms and privacy policies. We are not responsible for their practices. Links on our site may lead to other websites. Their policies apply to your use of those sites.

11) Cookies and local storage

We use only what is necessary to run the service, for example authentication session storage and basic product analytics.

12) Children and sensitive data

The Service is not intended for children under 13, or a higher age where local law requires consent by a guardian. We do not knowingly collect personal data from children. If you believe a child provided personal data, contact us to delete it. We do not knowingly collect special category data. Do not input sensitive information into SuperSpell.

13) Changes to this Policy

We may update this Policy from time to time. If a change is material, we will notify you, for example by email or an in product notice. The revised Policy takes effect on the date posted.

14) Contact

Passage Software Ltd. Ditza 1, Tel Aviv, 6811814, Israel. contact@passage.software