Privacy Policy

1. Who We Are

tensor.cx is operated by Tensor Cortex LLC ("we," "us," or "our"). tensor.cx is a web application that allows users to upload documents and search them using AI-powered natural language queries. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service at tensor.cx.

If you have questions about this policy, contact us at hello@tensor.cx.

2. Information We Collect

2.1 Account Information

When you create an account, we receive your email address, first name, and last name from our authentication provider, Clerk. We store your email address and associate it with your user profile. You may also use tensor.cx without creating an account; in that case we do not collect any personal information from you.

2.2 Documents and Content

When you upload documents (PDF, DOCX, TXT, or Markdown files), we store the original files in our cloud storage. We extract and process the text content from these files using a third-party AI service to make them searchable. The extracted text and processed data are stored in our database to enable search functionality.

2.3 Queries and AI-Generated Responses

When you submit a search query, we send your query text along with relevant portions of your documents to a third-party AI provider to generate an answer. We do not persistently store your queries or the generated responses; however, they may appear in temporary server logs.

2.4 Billing Information

If you subscribe to a paid plan, payment processing is handled entirely by Stripe. We do not receive or store your credit card number, bank account details, or other payment instrument data. We store only your Stripe customer identifier, subscription identifier, plan tier, subscription status, and billing period dates.

2.5 Automatically Collected Information

We may automatically collect certain technical information when you use our service, including:

• IP address (used for rate limiting; not stored in our database but may appear in server logs)
• Browser type and version
• Device type and operating system
• Pages visited and actions taken within the service
• Date and time of access

2.6 Analytics

We use Microsoft Clarity to understand how users interact with our service. Clarity may collect information such as mouse movements, clicks, scrolls, and page navigation. Clarity may use cookies or similar technologies to gather this data. For more information, see Microsoft's Privacy Statement.

2.7 Local Storage

We store a list of your recently visited workspaces in your browser's local storage to provide quick access. This data stays on your device and is not transmitted to our servers. It includes workspace identifiers, titles, document counts, and visit timestamps.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the service
• Process your documents and enable AI-powered search functionality
• Manage your account and authenticate your identity
• Process payments and manage subscriptions
• Enforce usage limits and rate limits to protect the service
• Analyze usage patterns to improve the service (via Microsoft Clarity)
• Detect, prevent, and address technical issues, fraud, or abuse
• Comply with legal obligations
• Communicate with you about service updates, if you have opted in

4. Third-Party Service Providers

We share your information with the following third-party service providers who assist us in operating the service. Each provider processes data only as necessary to perform its designated function.

We use OpenAI's API services for generating embeddings and AI-generated responses. Per OpenAI's API data usage policy, data submitted through their API is not used to train their models. For details, see OpenAI's API Data Usage Policies.

5. Cookies and Similar Technologies

tensor.cx itself does not set first-party cookies for tracking purposes. However, our third-party providers may set cookies as follows:

• Clerk: May set cookies for authentication and session management.
• Stripe: May set cookies during the checkout process for fraud prevention.
• Microsoft Clarity: Sets cookies and uses similar technologies to collect behavioral analytics data.

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the service, particularly authentication.

6. Data Retention

• Account data: Retained as long as your account is active. You may request account deletion by contacting us.
• Documents and workspaces: Retained until you delete them. When you delete a document, the original file, all extracted text, and all processed data are permanently removed.
• Empty workspaces: Workspaces with no documents are automatically deleted after 24 hours.
• Billing records: Retained as required by applicable tax and accounting laws, typically for a minimum of 7 years after the end of the subscription.
• Server logs: Automatically rotated and deleted within 30 days.

7. Data Security

We implement industry-standard security measures to protect your data, including:

• Encryption in transit (TLS/HTTPS for all connections)
• Encryption at rest for stored data
• Secure token-based authentication
• Secure, time-limited file upload URLs
• Rate limiting on all API endpoints to prevent abuse
• Input validation and sanitization

No method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security.

8. International Data Transfers

Our servers and third-party service providers are primarily located in the United States. If you access tensor.cx from outside the United States, your data will be transferred to, stored, and processed in the United States and potentially other countries where our service providers operate.

By using tensor.cx, you consent to the transfer of your information to the United States and other jurisdictions that may not provide the same level of data protection as your home country. We take steps to ensure that your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

9. Your Rights

Depending on your location, you may have certain rights regarding your personal information:

9.1 General Rights

• Access: You may request a copy of the personal data we hold about you.
• Correction: You may request that we correct inaccurate personal data.
• Deletion: You may request that we delete your personal data. You can delete your documents and workspaces at any time through the service interface. For full account deletion, contact us.
• Data portability: You may request a copy of your data in a structured, machine-readable format.
• Objection: You may object to our processing of your personal data in certain circumstances.

9.2 European Economic Area (EEA) and UK Residents

If you are in the EEA or the United Kingdom, you have rights under the General Data Protection Regulation (GDPR) or UK GDPR. Our legal basis for processing your personal data includes:

• Contract performance: Processing necessary to provide the service you requested.
• Legitimate interests: Processing necessary for security, fraud prevention, and service improvement.
• Consent: Where you have given explicit consent (e.g., analytics via Microsoft Clarity).

You may also lodge a complaint with your local data protection authority.

9.3 California Residents

Under the California Consumer Privacy Act (CCPA), California residents have the right to know what personal information is collected, request its deletion, and opt out of the sale of personal information. We do not sell your personal information.

9.4 Exercising Your Rights

To exercise any of the above rights, please contact us at hello@tensor.cx. We will respond to your request within 30 days.

10. Children's Privacy

tensor.cx is not intended for use by children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of tensor.cx after any changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: