ContextVaultContextVault
Dashboard

Effective May 3, 2026

Privacy Policy

This Privacy Policy explains how ContextVault collects, uses, discloses, and protects information when you use our website, applications, APIs, MCP services, and related offerings.

This draft is intentionally plain and operationally accurate, but it should be reviewed and customized before launch so it reflects your final business practices, jurisdictions, contact details, and legal obligations.

Information We Collect

We collect information needed to operate ContextVault, including account details, organization membership data, billing and subscription records, support communications, audit and security logs, and product usage information.

If you use ContextVault through integrated services, we also receive information from those providers as needed to authenticate you, process payments, and deliver the service.

  • Authentication and account data from Clerk
  • Subscription and billing metadata from Stripe
  • Organization, seat, and group membership records
  • Operational telemetry such as request logs, audit events, and rate-limit counters
  • Content you store in the service, including memories and related metadata

How We Use Information

We use information to provide the service, secure accounts and organizations, enforce seats and entitlements, process billing, support customers, investigate abuse, and improve reliability and product quality.

We do not need or want unnecessary sensitive data. Our goal is to minimize collection and retain only what is required to operate ContextVault responsibly.

How We Share Information

We share information only with service providers and subprocessors that help us operate ContextVault, such as hosting, authentication, payment processing, and infrastructure vendors.

We may also disclose information if required by law, to protect the security of the service, or in connection with a merger, acquisition, or asset sale.

We do not sell personal information in the ordinary course of operating ContextVault.

Data Retention

We retain information for as long as reasonably necessary to provide the service, maintain security and auditability, comply with legal obligations, resolve disputes, and enforce our agreements.

Retention periods may vary depending on the type of information, the subscription state of the workspace, and whether data is needed for security or compliance purposes.

Security

We use administrative, technical, and organizational safeguards designed to protect personal information and workspace data. These include access controls, authentication requirements, audit logging, encrypted transport, and tenant-aware access enforcement.

No system can promise absolute security. You are responsible for maintaining the confidentiality of your credentials and for limiting access to your organization as appropriate.

Your Choices And Rights

Depending on where you live, you may have rights regarding access to, correction of, deletion of, or portability of your personal information, as well as rights related to certain sharing or advertising practices.

To exercise a privacy request, contact us using the contact details on this page. We may need to verify your identity before processing certain requests.

International And State-Specific Disclosures

If you are subject to privacy laws that require additional disclosures, such as certain U.S. state privacy laws, this policy should be expanded before production launch to reflect the categories of personal information collected, purposes of processing, retention logic, and request rights that apply to your business.

This scaffold is a product implementation starting point, not a final legal review.

Contact

If you have questions about this Privacy Policy or want to submit a privacy request, contact ContextVault at the business contact information you publish for launch.