Privacy Policy

When you use Cortex, we collect:

• Account information: Email address, display name, and encrypted password
• User content: Tasks, notes, research, notebooks, and other items you create
• Usage data: Basic analytics such as feature usage patterns to improve the Service
• Device information: Browser type, operating system, and device type for compatibility

Your data is used to:

• Provide, maintain, and improve the Service
• Process and store your content as directed by your use of features
• Send essential communications about your account and the Service
• Detect and prevent security issues and abuse

We do not sell your personal data or use it for advertising purposes.

Cortex uses Anthropic's Claude AI to power features such as research, content extraction, summarization, and semantic search. When you use these features, relevant content is sent to Anthropic's API for processing. Anthropic does not use your data to train their models. AI processing is only triggered by your explicit actions (e.g., initiating a research query or requesting a summary).

We use the following third-party services to operate Cortex:

• Supabase: Database hosting, authentication, and data storage
• Anthropic: AI processing for research, extraction, and search features
• Vercel: Application hosting and deployment

Each of these providers has their own privacy policies. We select providers that maintain high standards of data protection and security.

Your data is stored in secure, encrypted databases hosted by Supabase. We implement industry-standard security measures including:

• Encrypted data transmission (TLS/HTTPS)
• Encrypted data at rest
• Row-level security policies on all database tables
• Secure authentication with password hashing

While we take reasonable precautions, no method of electronic storage is 100% secure. We cannot guarantee absolute security of your data.

We retain your data for as long as your account is active. Items you delete are moved to a "Recently Deleted" state and permanently removed after 30 days.

If you delete your account, all your content (items, notes, inbox entries) will be removed immediately. A minimal record containing your user ID, email address, and deletion date will be retained for billing, audit, and abuse prevention purposes. This retained record does not include any of your content.

You have the right to:

• Access your personal data stored in Cortex
• Export your data at any time
• Request correction of inaccurate data
• Delete your account and all associated data
• Object to or restrict certain processing of your data

To exercise these rights, contact us at support@cortexapp.io.

Cortex uses essential cookies for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. The only cookies stored are those necessary for the Service to function.

During the beta period, we may collect additional usage data to help improve the Service. This data is anonymized and used solely for product improvement. We will notify users if our data collection practices change materially.

Cortex is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete that information.

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service. Your continued use of Cortex after changes constitutes acceptance of the updated policy.

For privacy-related questions or concerns, contact us at support@cortexapp.io.