Privacy Policy

Last updated: March 18, 2026

Introduction

Tensor Cortex LLC ("we", "us", or "our") operates TensorCortex ("Service"), a personal knowledge management platform. This Privacy Policy explains what information we collect, how we use it, and what choices you have. By using the Service, you agree to the practices described here.

We believe your data belongs to you. TensorCortex is built on the principle of user sovereignty — you can export or delete your data at any time, and we will never sell your personal information.

Information We Collect

We collect the following categories of information:

Account information: When you create an account, our authentication provider (Clerk) collects your email address, name, and profile picture. We store a reference to your account along with your email and display name in our database.

User content: Documents, notes, and files you upload to the Service. This includes PDFs, Word documents, plain text, Markdown files, and images. We process and store this content to provide search and retrieval functionality.

Derived data: When you upload content, we automatically generate vector embeddings (numerical representations of meaning), full-text search indexes, and content chunks. These are derived from your content and used solely to power search and retrieval.

Usage data: We collect basic server logs including IP addresses, request timestamps, and HTTP metadata. These logs are retained for operational and security purposes.

How We Use Your Information

We use your information for the following purposes:

  • Providing the Service: processing, indexing, storing, and retrieving your uploaded content so you can search and query it
  • Account management: authenticating your identity, managing your account, and communicating with you about the Service
  • Service improvement: analyzing aggregated, anonymized usage patterns to improve performance and reliability
  • Security: detecting and preventing unauthorized access, abuse, or fraud
  • Legal compliance: meeting applicable legal obligations and responding to lawful requests

We do not use your content to train machine learning models. Your documents are processed only to generate embeddings and search indexes for your personal use.

How We Process Your Content

When you upload a document, it goes through the following processing pipeline:

  • Parsing: Your file is read and its text content is extracted on our servers
  • Chunking: The extracted text is split into smaller segments for efficient retrieval
  • Deduplication: We check for duplicate content to avoid redundant storage within your account
  • Language detection: We identify the language of each chunk to optimize search accuracy
  • Embedding: Text chunks are sent to Voyage AI to generate vector embeddings — numerical representations that capture meaning and enable semantic search
  • Storage: The processed chunks, embeddings, and metadata are stored in our database, linked to your account

Your original files are stored in Cloudflare R2 (an S3-compatible object storage service). Only you can access your files through authenticated requests to the Service.

Third-Party Services

We rely on the following third-party services to operate TensorCortex. Each service processes only the minimum data required for its function:

  • Google Cloud Platform (GCP): Hosts our application servers, database, and compute infrastructure. Your data is stored in GCP data centers and is subject to Google Cloud's data processing terms.
  • Cloudflare R2: Stores your uploaded files (documents, images). Files are encrypted at rest and accessible only through authenticated Service requests.
  • Voyage AI: Generates vector embeddings from your text content. Text chunks are sent to Voyage AI's API for processing. Voyage AI does not retain your data after generating embeddings, per their data processing terms.
  • Clerk: Handles user authentication and account management. Clerk stores your email address, name, and authentication credentials. See Clerk's privacy policy for details on their data practices.

We do not share your content with any other third parties, and none of the services listed above use your data for their own training or marketing purposes.

Data Storage & Security

We implement industry-standard security measures to protect your data:

  • All data in transit is encrypted using TLS (HTTPS)
  • Files stored in Cloudflare R2 are encrypted at rest
  • Our database is hosted on a private network (VPC) and is not directly accessible from the internet
  • Application servers communicate with the database over internal, encrypted connections
  • Authentication is handled by Clerk, which provides secure session management and supports multi-factor authentication
  • We use soft deletion — when you delete content, it is marked as deleted and excluded from queries, then permanently removed during scheduled cleanup

While we take reasonable measures to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

Data Retention

We retain your data as follows:

  • Account data: Retained for as long as your account is active. Upon account deletion, your account information is removed within 30 days.
  • Uploaded content: Retained until you delete it or close your account. Deleted content is soft-deleted immediately (excluded from all queries and retrieval) and permanently removed within 30 days.
  • Derived data (embeddings, search indexes, chunks): Deleted when the source content is deleted.
  • Server logs: Retained for up to 90 days for operational and security purposes, then automatically purged.

Your Rights & Choices

You have the following rights regarding your data:

  • Access: You can view all your uploaded content and account information through the Service at any time
  • Export: You can export your data in standard formats. We are committed to zero vendor lock-in.
  • Deletion: You can delete individual documents or your entire account. Deleted data is removed from active systems within 30 days.
  • Correction: You can update your account information and re-upload corrected documents at any time

To exercise any of these rights or to request a full data export, contact us at privacy@tensorcortex.com.

Cookies & Tracking

TensorCortex uses only essential cookies required for authentication and session management. We do not use advertising cookies, tracking pixels, or third-party analytics services that track you across websites.

Our authentication provider (Clerk) sets session cookies to keep you signed in. These are strictly necessary for the Service to function and cannot be disabled while using the Service.

Children's Privacy

The Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at privacy@tensorcortex.com and we will promptly delete it.

International Data Transfers

Our infrastructure is hosted in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States. By using the Service, you consent to this transfer.

We rely on our third-party providers' compliance frameworks (including Google Cloud's data processing addendum and Cloudflare's privacy commitments) to ensure appropriate safeguards for international data transfers.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or in-app notice at least 30 days before they take effect. The "Last updated" date at the top of this page indicates when the policy was last revised.

Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

  • Email: privacy@tensorcortex.com
  • General inquiries: legal@tensorcortex.com