Legal

Privacy Policy

Last updated May 2026. How ContextECF collects, processes, and governs data within the Enterprise Context Fabric.

1. What we collect

We collect the account information you submit (email, company name, plan), connector configuration metadata, and operational telemetry from your use of the Fabric and Modes. The standing demo uses deterministic synthetic fixtures only — no production customer data is collected.

2. How we use data

Data is used to operate your tenant, render decision-ready context, generate governed receipts, and improve reliability. We do not sell personal data and do not use customer content to train third-party foundation models.

3. Governance and receipts

Every write-like action produces a receipt with blast radius, approval policy, destination, reversibility, and certification evidence. Receipts are retained for audit and incident review.

4. Tenant isolation

Tenant identity comes from authenticated context, never from request bodies or headers. Connector scopes are bounded by certified application prints. Synthetic demo runs exclude raw payloads and secret fields.

5. Sub-processors

We use a limited set of infrastructure sub-processors for hosting, observability, and email. A current list is available on request to active design partners.

6. Data subject rights

You may request access, correction, or deletion of personal data we hold by emailing privacy@contextecf.com. We respond within 30 days where required by applicable law.

7. Retention

Evaluation tenant content is retained for the duration of the engagement and deleted within 30 days of termination. Audit receipts may be retained longer where required for security or compliance.

8. Contact

Privacy questions can be sent to privacy@contextecf.com.