Privacy Policy
Last Updated: 01 Jan 2026
In this policy, “we”, “us”, and “our” refer to Kontext.
This Privacy Policy explains how we collect, use, store, and protect your data when you use our Services.
1. Information We Collect
We collect (a) information you provide and (b) information collected automatically when you use the Services.
Information you provide may include:
| Category | Examples |
|---|---|
| Account and profile information | Name, email address, user avatar |
| Authentication information | Social sign-in (e.g., Microsoft, Google, Google One-Tap) |
| Newsletter information | Email address and subscription preferences |
| Billing and transaction information | Billing address, subscription details, payment history |
| AI inputs | Prompts, queries, and data for analysis |
| AI agents memory | AI agents conversation history and memory |
We also automatically collect technical and usage information (e.g., browser type and version, IP address, device information, referral data, pages viewed, and features used).
We use third-party service providers (data processors) for hosting, analytics, AI processing, payment processing, and communications. They may process your data on our behalf and may also be subject to their own privacy policies.
2. How We Use Your Personal Data
We use your personal data for the purposes described below:
| Purpose | Examples |
|---|---|
| Provide and operate the Services | Account creation, authentication, and access control |
| Communications | Account notices (registration, password reset, email verification, security alerts), newsletter updates |
| Public profile and content features | Display your name with your profile and other public content |
| Support and improvement | Feedback, troubleshooting, and service improvement |
| AI-powered features | Provide and improve AI-powered features, data agents, and automated insights |
| AI context and personalization | Use AI agents memory and conversation history to maintain context and provide personalized outputs |
We process personal data as needed to provide the Services (including under contract), with your consent where required, and for our legitimate interests (such as improving and securing the Services).
3. Sharing and Disclosing Your Personal Data
We may share your personal data:
- With third-party service providers (data processors) that process data on our behalf (e.g., hosting, analytics, AI processing, payment processing, and communications)
- To comply with law, legal process, or lawful government requests
- When you choose to make information public (for example, on your profile)
- To protect the rights, property, or safety of us, our users, or others
We do not sell your personal data.
4. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access your personal data
- Correct your personal data (Account Settings)
- Request deletion of your personal data (email enquiry@kontext.tech)
- Restrict or object to the processing of your data
- Data portability (request a copy of your data)
- Lodge a complaint with a supervisory authority
When you delete your account:
- Your account is deactivated immediately and fully deleted within 30 days
- During deactivation, your account and content are not publicly accessible
- After 30 days, your data is not recoverable
5. Data Breach Notification
In the event of a data breach that may affect your rights or freedoms, we will notify you and relevant authorities as required by law.
6. Children’s Privacy
Our Services are not intended for children under 13 and we do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us and we will delete it. Parents or guardians may contact us to review or request deletion of a child’s data.
7. Data Storage & Processing
7.1 Overview
We separate platform functions across two infrastructure planes to provide operational efficiency while supporting project-level data residency controls. The global control plane, used for platform management and aggregated telemetry, is hosted in Australia data centers. Project-specific data is stored in the cloud region you select when creating a project.
7.2 Global Control Plane
- Operational metadata, platform control services, and aggregated telemetry are maintained in our global control plane and stored in Australia data centers.
7.3 Project Data Planes and Residency
- Project data — including uploaded files, notebooks, query results, and other artifacts — is stored in the cloud region (Azure or AWS) selected at project creation. If you require a specific data residency arrangement, please contact us.
- Transfers of telemetry or logs to the global control plane do not relocate your primary project data stored in the project region.
7.4 Telemetry and Logs
- We transfer project usage metrics and application logs to the global control plane to support billing, monitoring, support, and service improvement.
- Transfers are limited to the minimum necessary data and handled in accordance with our security and retention practices.
7.5 LLM Processing
- When you use our data agents, prompts and relevant project data will be transmitted to third‑party large language model (LLM) providers for processing. Depending on the LLM provider and your project configuration, LLM processing may occur within a specific region or globally; project settings control whether LLM processing is restricted to a region.
- LLM providers may have their own logging and retention policies; review your chosen provider’s documentation and configure project settings accordingly.
| Provider | Data Protection & Privacy Policy |
|---|---|
| Azure OpenAI | Data, privacy, and security for Azure OpenAI Service |
| AWS Bedrock | AWS Privacy Notice & Bedrock Data Protection |
7.6 Data Security
We protect data in transit and at rest using industry‑standard technical and contractual safeguards and require third‑party processors to meet our security and privacy requirements.
8. International Data Transfers
Your personal data may be stored and processed in Australia, your selected project region, and other countries, and different laws may apply. Where required, we implement safeguards such as standard contractual clauses or other appropriate mechanisms to protect your data.
9. Automated Decision-Making and Profiling
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects.
10. Other Websites
Our Services may contain links to unrelated third-party websites. This policy does not apply to them, and we are not responsible for their content or privacy practices.
11. Data Retention
We retain personal data only as long as needed for the purposes described in this policy, including to meet legal, accounting, or reporting requirements.
| Data Category | Retention Period |
|---|---|
| Account Information | For as long as your account is active. Upon deletion, data is removed within 30 days (see Section 4). |
| AI Agents Memory | For the duration of your account or until manually deleted by you. |
| Financial & Transactional Records | 7 years (to comply with Australian tax and corporate laws). |
| Backups | Up to 90 days after deletion from active production systems. |
| Anonymized & Aggregated Data | Indefinitely (data is permanently de-identified or aggregated such that it can no longer be used to identify you). |
Retention periods may vary where we are required to retain data to comply with law, resolve disputes, or enforce our agreements.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Where required by law, we will notify you in advance of material changes and update the last modified date. Please review this policy periodically.
13. Contact Information
If you have any questions about this policy, your rights, or wish to exercise your rights, please contact us:
Email: enquiry@kontext.tech