Skip to main content
Skip to main content

~/ privacy

Privacy Policy

How ContextRocket handles the data you give us — your account, the sources you connect, the AI calls we run on your behalf, and the analytics we use to keep the service stable.

Last updated: March 2026

Overview

This Privacy Policy describes how we collect, use, process, and disclose your information when you use ContextRocket. We are committed to protecting your privacy and ensuring transparency about our data practices.

Information We Collect

Personal Information

We collect personal information you provide when you register or use the platform, including your name, email address, organization membership, and billing contact details where applicable.

Usage Information

We automatically collect information about how you interact with our services, including conversation and agent chat transcripts, source and crawl inventory metadata, clip-inbox captures you submit, IP address, browser type, device information, and usage patterns needed to operate the product.

How We Use Your Information

  • To provide and maintain the ContextRocket platform, including crawls, retrieval, and organization apps
  • To communicate with you about your account, security notices, and service updates
  • To improve and optimize our services, including AI assistant quality and product analytics
  • To comply with legal obligations and enforce our terms
  • To send newsletters and product updates where you have opted in

Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy or as required by law. Conversation and corpus data may be processed by third-party AI providers (including Google Vertex AI and other model hosts you configure with your own API keys) to generate responses. Analytics and infrastructure vendors may process limited technical data to operate the service. Connected apps and authorized integrations receive only the context you approve for that connection.

Cookies and Tracking

We use cookies and similar tracking technologies to maintain your session, remember language and consent preferences, and understand how the platform is used. You can control non-essential cookies through the consent banner and your browser settings.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to access your personal data
  • Right to rectify inaccurate data
  • Right to erasure (right to be forgotten)
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including encryption in transit, access controls, and audit logging for sensitive operator actions.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations. Trial and organization data follow the retention windows described in your account settings and product notices.

Data Processing Agreements (DPA)

Customers and partners can request a Data Processing Agreement covering this service. Email us with your organization name and intended scope, and we'll respond within 5 business days.

mark@contextrocket.com

How your data is isolated (and when it's shared)

ContextRocket separates your data into three visibility tiers so you always know what stays private, what is shared across customers, and what is internal to your team. The product never sends data across tier boundaries without your explicit action.

Public corpus
Public web content we crawl for any customer (your own marketing pages, competitor sites, public knowledge bases). One crawl is shared across customers who reference the same URL - keeps your costs down and means the data you'd have crawled yourself is already indexed when you join.
Organisation private
Uploaded documents (PDFs, manual paste), Notion/Google Drive imports, Slack threads, CRM extracts, brand assets, tone exemplars, and support docs. Visible only to members of your organisation. Never blended into any other customer's queries.
Organisation internal
Drafts, work-board cards, content ideas, and other operational state. Visible only inside your organisation; never surfaced to customer-facing responses without explicit publish.

By default, agent and Composer queries blend your private data with the shared public corpus so answers can cite both. You can opt out per query (or per draft) using the visibility toggle in chat scope and Composer - "org-only" excludes the shared pool, "public-only" excludes your private data.

Architecture detail: each chunk in our retrieval index carries a visibility tag (public_corpus / org_private / org_internal) and an org_id. Every query expands to a filter that enforces these boundaries at the database level. See our trust documentation for the full technical posture.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: mark@contextrocket.com

Address:
Pink Moon Group UG
Hochstrasse 21
13357 Berlin
Germany

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the last-updated date above.