~/ privacy
Privacy Policy
How ContextRocket handles the data you give us — your account, the sources you connect, the AI calls we run on your behalf, and the analytics we use to keep the service stable.
Last updated: March 2026
Overview
This Privacy Policy describes how we collect, use, process, and disclose your information when you use ContextRocket. We are committed to protecting your privacy and ensuring transparency about our data practices.
Information We Collect
Personal Information
We collect personal information you provide when you register or use the platform, including your name, email address, organization membership, and billing contact details where applicable.
Usage Information
We automatically collect information about how you interact with our services, including conversation and agent chat transcripts, source and crawl inventory metadata, clip-inbox captures you submit, IP address, browser type, device information, and usage patterns needed to operate the product.
How We Use Your Information
- To provide and maintain the ContextRocket platform, including crawls, retrieval, and organization apps
- To communicate with you about your account, security notices, and service updates
- To improve and optimize our services, including AI assistant quality and product analytics
- To comply with legal obligations and enforce our terms
- To send newsletters and product updates where you have opted in
Information Sharing
We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy or as required by law. Conversation and corpus data may be processed by third-party AI providers (including Google Vertex AI and other model hosts you configure with your own API keys) to generate responses. Analytics and infrastructure vendors may process limited technical data to operate the service. Connected apps and authorized integrations receive only the context you approve for that connection.
Cookies and Tracking
We use cookies and similar tracking technologies to maintain your session, remember language and consent preferences, and understand how the platform is used. You can control non-essential cookies through the consent banner and your browser settings.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Right to access your personal data
- Right to rectify inaccurate data
- Right to erasure (right to be forgotten)
- Right to data portability
- Right to object to processing
- Right to withdraw consent
Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including encryption in transit, access controls, and audit logging for sensitive operator actions.
Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations. Trial and organization data follow the retention windows described in your account settings and product notices.
Data Processing Agreements (DPA)
Customers and partners can request a Data Processing Agreement covering this service. Email us with your organization name and intended scope, and we'll respond within 5 business days.
How your data is isolated (and when it's shared)
ContextRocket separates your data into three visibility tiers so you always know what stays private, what is shared across customers, and what is internal to your team. The product never sends data across tier boundaries without your explicit action.
- Public corpus
- Public web content we crawl for any customer (your own marketing pages, competitor sites, public knowledge bases). One crawl is shared across customers who reference the same URL - keeps your costs down and means the data you'd have crawled yourself is already indexed when you join.
- Organisation private
- Uploaded documents (PDFs, manual paste), Notion/Google Drive imports, Slack threads, CRM extracts, brand assets, tone exemplars, and support docs. Visible only to members of your organisation. Never blended into any other customer's queries.
- Organisation internal
- Drafts, work-board cards, content ideas, and other operational state. Visible only inside your organisation; never surfaced to customer-facing responses without explicit publish.
By default, agent and Composer queries blend your private data with the shared public corpus so answers can cite both. You can opt out per query (or per draft) using the visibility toggle in chat scope and Composer - "org-only" excludes the shared pool, "public-only" excludes your private data.
Architecture detail: each chunk in our retrieval index carries a visibility tag (public_corpus / org_private / org_internal) and an org_id. Every query expands to a filter that enforces these boundaries at the database level. See our trust documentation for the full technical posture.
Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: mark@contextrocket.com
Address:
Pink Moon Group UG
Hochstrasse 21
13357 Berlin
Germany
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the last-updated date above.