Privacy Policy

Context Clarity, Inc. (“Company,” “we,” “us,” or “our”) operates ClarityCoreMCP, an AI-powered cross-domain intelligence platform. This Privacy Policy explains what data we collect, how we use it, and what rights you have over it.

We collect the following categories of information:

• ›Account information — name, email address, and authentication credentials (managed by Clerk)
• ›Usage data — queries submitted to the Service, tool invocations, timestamps, and response metadata
• ›Uploaded documents — files you choose to upload or ingest for analysis (e.g. reports, financial statements, contracts). Files sent only for one-time analysis are processed in memory and not retained; files you ingest into a project are stored, walled to your account, and deletable by you at any time. See Data Retention below.
• ›Technical data — IP address, browser/client type, device information, and access logs
• ›Billing data — subscription plan and billing status (payment details handled entirely by Stripe; we never see or store your card number)

We do not sell your personal data. We do not share data with third-party advertisers. We do not build advertising profiles. We do not use tracking pixels or engage in cross-site behavioral targeting.

Your queries are used solely to deliver the Service and improve response quality. They are never sold, licensed, or shared with external parties for their own purposes.

We use a minimal set of cookies strictly necessary to operate the Service:

• ›Clerk session token — authenticates your login session. Strictly functional — no tracking or advertising purpose.
• ›CSRF token — protects against cross-site request forgery attacks. Session-scoped, no personal data stored.
• ›Stripe checkout cookies — Stripe may set cookies during payment flows for fraud prevention. These are controlled by Stripe and scoped to their domain.

We do NOT use advertising cookies, tracking pixels, or cross-site behavioral targeting. There are no Google Analytics, Mixpanel, or similar third-party analytics cookies on this site.

We use the data we collect to:

• ›Deliver, maintain, and improve the Service
• ›Process your queries through AI models and return cited, verified responses
• ›Cache results to improve performance for similar queries
• ›Manage your account, subscriptions, and billing
• ›Communicate with you about your account, updates, and security notices
• ›Detect and prevent abuse, fraud, and unauthorized access

When you submit a query, your text (and any document content needed to answer it) is routed to a third-party AI inference provider that generates your response. To keep the Service fast and affordable, we route across several US- and EU-based providers — currently Groq, SambaNova, Cerebras, Together AI, and OpenRouter, with Anthropic's Claude API as a fallback. We deliberately exclude providers we consider higher-risk for data handling.

We do NOT use your queries or documents to train or fine-tune any AI model, and we route only to inference providers whose terms commit not to train on them either. Your data is used for inference only.

We select inference providers whose API or business terms commit to not training on data submitted via their API. Anthropic's commercial API terms expressly prohibit training on API data. Each provider maintains its own terms and privacy policy, linked in the Data Sharing section below; we encourage you to review them.

Files sent for one-time analysis are processed in memory and the content is not stored after the response is returned. Query results may be cached in our database to reduce latency on similar requests. Cached data is scoped to your account and is not accessible to other users. Cached query results are retained for up to 90 days, then automatically purged.

Query results may be cached in our database to reduce latency on similar requests. Cached data is scoped to your account and is not accessible to other users. Cached query results are retained for up to 90 days, then automatically purged.

We log usage metadata (tool name, credits consumed, timestamps) for billing and abuse prevention. We do NOT log the content of your queries in our billing or usage systems.

We share data only with the following parties, strictly as required to operate the Service:

• ›AI inference providers — to generate responses, your query text (and any document content needed to answer it) is sent to one of the providers we route across: Groq, SambaNova, Cerebras, Together AI, OpenRouter, or Anthropic (Claude API). These providers are US-based; OpenRouter is itself a router that forwards your request to an underlying model provider identified in its terms. We select providers whose terms commit to not training on API-submitted data; each maintains its own privacy policy (linked).
• ›Clerk — authentication data only (email, login events). Clerk never receives your queries or usage data. See Clerk's Privacy Policy.
• ›Stripe — billing data only (plan, payment status, invoices). Stripe never sees your queries or AI-generated responses. See Stripe's Privacy Policy.
• ›Railway — cloud infrastructure hosting. PostgreSQL databases and application servers.

We do NOT sell, rent, or share your data with any other third party.

Law enforcement: We will only disclose user data in response to valid legal process (subpoena, court order, or equivalent). We will notify you of any such request unless we are legally prohibited from doing so.

During account registration, we collect hashed IP addresses and user agent fingerprints for abuse prevention. Raw IP addresses are never stored — only cryptographic hashes that cannot be reversed to identify you.

This data is used solely to detect and prevent fraudulent account creation (e.g., mass automated signups). Signup audit data is retained for 90 days, then automatically purged.

Your data is stored in PostgreSQL databases hosted on Railway with encryption at rest. Application data is transmitted over HTTPS/TLS. Access to production systems is restricted to authorized personnel only.

While we implement commercially reasonable security measures, no system is perfectly secure. We cannot guarantee absolute protection against all threats.

We retain your account data for as long as your account is active. Cached query results are retained for up to 90 days. Usage logs are retained for up to 12 months. After these periods, data is automatically purged.

Uploaded documents. Files you send for one-time analysis are processed in memory and are not stored after your response is returned. Files you choose to ingest into a project are stored, walled to your account, and retained until you delete them — using the in-product delete (“forget”) function — or until you close your account, at which point they are removed within 30 days. We may also purge files belonging to accounts that have been inactive for an extended period. Residual copies may persist briefly in encrypted backups before they cycle out. We never retain your documents to train any model.

When you delete your account, we remove your personal data within 30 days. Some anonymized, aggregated data may be retained for analytics purposes.

You have the right to:

• ›Access — request a copy of the personal data we hold about you
• ›Correction — request correction of inaccurate data
• ›Deletion — request deletion of your account and associated data
• ›Export — request a machine-readable export of your data
• ›Objection — object to specific processing activities where permitted by law

To exercise any of these rights, contact us at nick@contextclarity.ai. We will respond within 30 days.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• ›Right to know — you may request disclosure of the categories and specific pieces of personal information we have collected about you
• ›Right to delete — you may request that we delete personal information we have collected from you, subject to certain exceptions
• ›Right to opt out of sale — we do not sell personal information. Because no sale occurs, there is nothing to opt out of.
• ›Right to non-discrimination — we will not discriminate against you for exercising any of your CCPA rights

To exercise your California privacy rights, contact us at nick@contextclarity.ai. We will verify your identity before processing your request and respond within 45 days.

The Service is not directed to individuals under 18. We do not knowingly collect data from minors. If you believe a minor has provided us with personal data, contact us and we will delete it promptly.

Our servers are located in the United States. If you access the Service from outside the U.S., your data will be transferred to and processed in the U.S. By using the Service, you consent to this transfer.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice within the Service at least 30 days before taking effect. Your continued use after changes become effective constitutes acceptance of the revised policy.

Questions or concerns about your privacy? Contact us at nick@contextclarity.ai.

Context Clarity, Inc.
Denver, Colorado