Privacy Policy
Effective date: March 7, 2026 · Last updated: March 21, 2026
1. Who We Are
CortexaOS (“we,” “us,” or “our”) operates the CortexaOS platform at cortexaos.ai and any related subdomains. We provide an AI-powered business ecosystem for small and mid-size businesses. Questions about this policy can be directed to privacy@cortexaos.com.
2. Information We Collect
Account information: When you sign up, we collect your name, email address, and password (hashed — we never store plaintext passwords).
Business context (Company Brain): Information you voluntarily provide about your business — goals, customers, products, challenges — to power AI recommendations. This data is yours and is used solely to improve your experience within the platform.
Usage data: We collect information about how you interact with the platform — pages visited, features used, session duration — to improve the product.
AI conversation data: Content of your conversations with AI specialists is processed to generate responses and is stored to provide conversation history. We do not use your conversation data to train AI models without your explicit consent.
Payment information: Billing is processed by Stripe. We do not store full credit card numbers. We receive a token and last-four-digit reference from Stripe.
3. How We Use Your Information
- To provide, maintain, and improve the CortexaOS platform
- To personalize AI recommendations based on your business context
- To process payments and manage your subscription
- To send transactional emails (account confirmations, billing receipts, security notices)
- To send product updates and feature announcements (you may opt out at any time)
- To detect and prevent fraud, abuse, and security incidents
- To comply with legal obligations
4. Data Sharing
We do not sell your personal data. We share data only with:
- Anthropic — to process AI requests via the Claude API. Anthropic's data handling is governed by their API usage policies.
- Stripe — to process payments. Subject to Stripe's Privacy Policy.
- Neon / PostgreSQL — our database provider. Data is encrypted at rest and in transit.
- Upstash Redis — for rate limiting and session caching.
- Vercel — our hosting provider.
- Law enforcement or regulators — only when required by law or to protect rights and safety.
5. Data Retention
We retain your data for as long as your account is active or as needed to provide services. You may request deletion of your account and associated data at any time by contacting privacy@cortexaos.com. We will process deletion requests within 30 days.
6. Security
We use industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, HTTP-only secure cookies for session management, and regular security audits. We are working toward SOC 2 Type II certification. No system is completely secure — if you discover a security issue, please report it to security@cortexaos.com.
7. Your Rights
Depending on your location, you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing. To exercise any of these rights, contact privacy@cortexaos.com.
8. Cookies
We use strictly necessary cookies for authentication (session cookie) and functional cookies for preferences. We do not use third-party advertising cookies. Analytics cookies (PostHog) may be used to understand platform usage — these are anonymized and you may opt out.
9. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes via email or an in-app notice at least 14 days before they take effect. Continued use of the platform after changes constitutes acceptance.
10. Contact
Questions about this privacy policy? Contact us at privacy@cortexaos.com or write to us at: CortexaOS, Inc., Attention: Privacy, hello@cortexaos.com.