Privacy Policy

1. Introduction

Netmark s.r.o. ("we", "us", "our") operates Context Raven. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

3. Information We Collect

3.1 Information You Provide

• Account Information: Email address, name, password (encrypted)
• Billing Information: Payment details processed by Stripe (we do not store credit card numbers)
• User Content: Notes, descriptions, folder names, and version history you create
• Company Information: Business name, VAT ID, billing address (for business accounts)

3.2 Automatically Collected Information

• Usage Data: Pages visited, features used, time spent on the Service
• Device Information: Browser type, operating system, IP address
• Cookies: Session cookies for authentication and preferences

4. How We Use Your Information

We use your information to:

• Provide and maintain the Service
• Process your payments and subscriptions
• Send you service-related notifications
• Respond to your inquiries and support requests
• Improve and optimize the Service
• Detect and prevent fraud and abuse
• Comply with legal obligations

We do not:

• Sell your personal data to third parties
• Use your notes for training AI models
• Share your content with anyone without your permission
• Send marketing emails without your consent

5. Data Security

We implement industry-standard security measures to protect your data:

• Encryption at Rest: All note content is encrypted using AES-256-GCM
• Encryption in Transit: All data transmitted over HTTPS/TLS
• Access Controls: Strict authentication and authorization mechanisms
• Regular Backups: Encrypted backups stored securely
• Security Monitoring: Continuous monitoring for suspicious activity

6. Data Sharing and Third Parties

We share your information only with:

• Stripe: Payment processing (subject to Stripe's privacy policy)
• Supabase: Authentication services (subject to Supabase's privacy policy)
• Cloud Infrastructure: Hosting providers for data storage and processing

All third-party service providers are required to maintain appropriate security measures and use your data only for the purposes we specify.

7. Your Rights Under GDPR

As a data subject in the EU, you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Data Portability: Export your data in a machine-readable format
• Right to Restrict Processing: Limit how we use your data
• Right to Object: Object to processing of your data
• Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, please contact us. We will respond within 30 days.

8. Data Retention

We retain your personal data only as long as necessary to provide the Service and comply with legal obligations:

• Active Accounts: Data retained while your account is active
• Deleted Accounts: Data permanently deleted within 30 days of account deletion
• Billing Records: Retained for 10 years as required by Slovak tax law
• Backups: Deleted data removed from backups within 90 days

9. Cookies

We use essential cookies to provide the Service:

• Authentication Cookies: Keep you logged in
• Preference Cookies: Remember your settings (theme, language)

We do not use tracking cookies or third-party advertising cookies.

10. International Data Transfers

Your data is primarily stored within the European Union. If data is transferred outside the EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

The Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through a notice on the Service. Your continued use after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us: