← Back to Context Memo

Privacy Policy

Effective date: February 24, 2026

Context Memo ("we," "us," or "our") operates the website at contextmemo.com and the associated platform. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Company name and domain
  • Password (stored as a cryptographic hash — we never store plaintext passwords)

Brand and Content Data

When you use the platform, we collect information you provide about your brand, including website URLs, company descriptions, product information, and any context you submit for memo generation.

Usage Data

We automatically collect:

  • Pages visited, features used, and actions taken within the platform
  • Browser type, operating system, and device information
  • IP address and approximate geographic location (city/country level)
  • Referring URLs and search terms that led you to our site

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers or full payment details on our servers. Stripe's privacy policy is available at stripe.com/privacy.

2. How We Use Your Information

  • Provide and operate the Context Memo platform
  • Generate, verify, and maintain factual reference memos for your brand
  • Process payments and manage subscriptions
  • Send transactional emails (account verification, password resets, memo status updates)
  • Analyze usage patterns to improve the product
  • Detect and prevent fraud, abuse, or security incidents
  • Comply with legal obligations

3. AI Processing

Context Memo uses artificial intelligence to generate reference content. When we process your brand information, it may be sent to the following AI providers:

  • OpenAI — for memo generation and content analysis
  • Anthropic — for content generation and verification
  • OpenRouter — for multi-model content processing
  • Perplexity — for research and fact-checking

These providers process data according to their respective privacy policies and data processing agreements. We do not use your data to train third-party AI models. Brand information sent to AI providers is used solely for generating and verifying your memos.

4. Third-Party Services

We use the following third-party services that may collect or process data:

ServicePurposeData Shared
SupabaseDatabase and authenticationAccount data, application data
StripePayment processingEmail, payment details
Google AnalyticsWebsite analyticsUsage data, device info, IP address
PostHogProduct analyticsUsage data, device info
VercelHosting and edge analyticsRequest data, performance metrics
SentryError monitoringError data, device info
ResendTransactional emailEmail address, email content
HubSpotCRM and marketingContact information
IPInfoIP geolocationIP address
SerpAPISearch result analysisBrand-related search queries

5. Cookies

We use cookies and similar technologies for:

Essential Cookies

  • Authentication cookies — maintain your logged-in session (set by Supabase Auth)

Functional Cookies

  • cm_internal — identifies internal traffic to exclude from analytics
  • course_enrollment_id — tracks course enrollment state (90-day expiry)

Analytics Cookies

  • Google Analytics (_ga, _gid) — measures website traffic and usage patterns
  • PostHog — tracks product usage for feature improvement

You can control cookies through your browser settings. Disabling certain cookies may affect platform functionality.

6. Data Retention

  • Account data — retained while your account is active, deleted upon request
  • Brand and memo data — retained while your account is active; published memos may persist as public reference documents after account deletion
  • Usage and analytics data — retained for up to 26 months
  • Payment records — retained as required by tax and financial regulations

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access — request a copy of the personal data we hold about you
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of your personal data
  • Export — receive your data in a portable format
  • Restriction — request we limit processing of your data
  • Objection — object to processing based on legitimate interests

We provide self-service data export and account deletion through your dashboard settings. You can also email us at support@contextmemo.com to exercise any of these rights. We respond to requests within 30 days.

8. Data Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, access controls, and regular security monitoring via Sentry. While no system is 100% secure, we take reasonable steps to protect your information.

9. International Data Transfers

Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers in compliance with applicable data protection laws.

10. Children's Privacy

Context Memo is a business-to-business platform and is not intended for use by individuals under the age of 18. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on our website. Continued use of the platform after changes constitutes acceptance of the updated policy.

12. Contact

For privacy-related questions or requests, contact us at: support@contextmemo.com

Last updated: February 2026