Back to Home

Privacy Policy

Last updated: March 2026

Context Magnet ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Full name
  • Email address
  • Company name (optional)
  • Password (stored in encrypted form)
  • Billing address and tax information (for invoicing purposes)

1.2 Website Content You Connect

When you connect your website to our Service, we collect and process:

  • Public web pages from your specified domain(s)
  • Text content, headings, and metadata from those pages
  • Sitemap information
  • Any updates to this content when we recrawl your site

1.3 Documents You Upload

When you upload documents, we store and process:

  • PDF, DOCX, and TXT files you provide
  • Text content extracted from these documents
  • Document metadata (filename, upload date, size)

1.4 Conversation Data

When visitors interact with your chat widget, we collect:

  • Chat messages between visitors and your AI assistant
  • Timestamps of interactions
  • Browser and device information (anonymized)
  • Page URL where the conversation occurred

1.5 Lead Information

When lead capture is enabled and visitors provide their information, we collect:

  • Names
  • Email addresses
  • Phone numbers (if provided)
  • Any additional information visitors choose to share
  • Associated conversation history

1.6 Usage Data

We automatically collect:

  • Log data (IP addresses, browser type, pages visited)
  • Analytics data (feature usage, session duration)
  • Performance metrics
  • Error reports

1.7 Cookies and Similar Technologies

We use cookies and similar technologies for:

  • Authentication and session management
  • Remembering your preferences
  • Analytics and service improvement
  • Security purposes

For more details, see our Cookie Policy.

2. How We Use Your Information

We use collected information to:

2.1 Provide the Service

  • Create and manage your account
  • Process your website content into a searchable knowledge base
  • Power your AI assistant with relevant responses
  • Capture and store leads from your widget
  • Display conversation analytics

2.2 Process Payments

  • Process subscription payments through Paddle (our Merchant of Record)
  • Generate and send invoices
  • Handle tax compliance

2.3 Communicate with You

  • Send service-related notifications
  • Respond to support requests
  • Provide product updates (with your consent)

2.4 Improve the Service

  • Analyze usage patterns to improve features
  • Fix bugs and technical issues
  • Develop new features

2.5 Ensure Security

  • Detect and prevent fraud
  • Monitor for abuse
  • Protect against unauthorized access

3. Payment Processing and Paddle

3.1 Paddle as Merchant of Record

We use Paddle.com Market Limited (UK) and Paddle.com Inc (USA) as our Merchant of Record for payment processing. This means:

  • Paddle collects and processes your payment information
  • Paddle handles tax calculation and collection globally
  • Paddle is responsible for PCI compliance for payment data
  • Paddle issues invoices and receipts

3.2 Data Shared with Paddle

We share the following with Paddle for payment processing:

  • Name and email address
  • Billing address
  • Company name and VAT number (if applicable)
  • Subscription and transaction details

3.3 Paddle's Privacy Practices

Paddle processes your payment data according to their own privacy policy. For details, visit: paddle.com/legal/privacy

We do not store your full credit card numbers, bank account details, or other sensitive payment information on our servers.

4. Data Sharing and Disclosure

4.1 Service Providers

We share data with trusted service providers who assist in operating our Service:

| Provider | Purpose | Data Shared | |----------|---------|-------------| | Paddle | Payment processing | Billing info, transactions | | Supabase | Database hosting | All service data (encrypted) | | Vercel | Application hosting | Usage logs, analytics | | AI providers | Language processing | Anonymized conversation context |

4.2 Legal Requirements

We may disclose your information if required by law or in response to:

  • Valid legal process (subpoenas, court orders)
  • Government requests
  • Protection of our rights or safety
  • Investigation of fraud or security issues

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

4.4 With Your Consent

We may share information with third parties when you explicitly consent.

5. International Data Transfers

Your data may be processed in countries outside your residence, including:

  • United States (Vercel hosting)
  • European Union (Supabase, Paddle)

We ensure appropriate safeguards for international transfers through:

  • Standard Contractual Clauses
  • Adequacy decisions
  • Service provider data processing agreements

6. Data Retention

6.1 Active Accounts

While your account is active, we retain:

  • Account information: For the duration of your subscription
  • Website content: Until you remove the domain or request deletion
  • Documents: Until you delete them or request deletion
  • Conversations: Indefinitely unless you delete them
  • Leads: Until you delete them or request deletion

6.2 After Account Closure

When you close your account:

  • Personal data is deleted within 30 days
  • Website content and documents are deleted within 30 days
  • Anonymized analytics may be retained
  • Data required for legal compliance is retained as required

6.3 Backup Retention

Backups containing your data are retained for up to 30 days after deletion for disaster recovery purposes.

7. Your Rights

Depending on your location, you may have the following rights:

7.1 Access

You can request a copy of the personal data we hold about you.

7.2 Correction

You can update or correct inaccurate information through your account settings or by contacting us.

7.3 Deletion

You can request deletion of your personal data. Note that:

  • Some data may be retained for legal compliance
  • Deletion may affect your ability to use the Service

7.4 Portability

You can request your data in a portable format.

7.5 Objection

You can object to certain processing of your data.

7.6 Restriction

You can request that we limit processing of your data in certain circumstances.

7.7 Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

7.8 Exercising Your Rights

To exercise any of these rights, contact us at: privacy@contextmagnet.com

We will respond to your request within 30 days.

8. GDPR Compliance (EEA Users)

If you are in the European Economic Area:

8.1 Legal Bases

We process your data under the following legal bases:

  • Contract: To provide the Service you subscribed to
  • Legitimate Interest: For analytics, security, and service improvement
  • Consent: For marketing communications
  • Legal Obligation: For tax and legal compliance

8.2 Data Protection Officer

For GDPR-related inquiries, contact: dpo@contextmagnet.com

8.3 Supervisory Authority

You have the right to lodge a complaint with your local data protection authority.

9. CCPA Compliance (California Users)

If you are a California resident:

9.1 Your Rights

  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising your rights

9.2 We Do Not Sell Personal Information

Context Magnet does not sell your personal information to third parties.

9.3 Contact for CCPA Requests

California residents can exercise their rights by emailing: privacy@contextmagnet.com

10. Children's Privacy

Our Service is not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11. Security Measures

We implement appropriate security measures including:

  • Encryption of data in transit (TLS/SSL)
  • Encryption of data at rest
  • Regular security assessments
  • Access controls and authentication
  • Employee security training
  • Incident response procedures

While we strive to protect your data, no method of transmission or storage is 100% secure.

12. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be:

  • Posted on this page with a new "Last updated" date
  • Communicated via email for significant changes
  • Effective immediately upon posting unless otherwise stated

Your continued use of the Service after changes constitutes acceptance.

14. Contact Us

For questions or concerns about this Privacy Policy:

MM39 s.r.o.
Konventna 9, 811 03 Bratislava, Slovak Republic
Company ID: 48186872 | VAT ID: SK2120087288
Email: info@contextmagnet.com

  • Privacy inquiries: privacy@contextmagnet.com
  • Support: support@contextmagnet.com

For payment-related privacy inquiries, you may also contact Paddle:

  • Paddle Support: https://paddle.com/support
  • Paddle Privacy: https://paddle.com/legal/privacy

By using Context Magnet, you acknowledge that you have read and understood this Privacy Policy.