This Privacy Policy explains what personal data CONTEXT PLUS PLUS INC (“we”) collects when you use context++ (the “Service”), why, and who processes it on our behalf. It is written to reflect how the Service actually operates.
1. Data we collect
- Account data — your email address (via Supabase authentication) and account timestamps.
- Billing data — a Stripe customer identifier and subscription/plan status. Card and payment details are collected and processed by Stripe; we never receive or store your full card number.
- Usage data — metering and usage-event records (endpoint, unit counts, outcome, timestamps) used to enforce quotas and operate billing.
- Submitted URLs & request content — the URLs and parameters you send to be converted. These are forwarded to our fetching providers (below) to retrieve the target content, and may be cached transiently to serve repeat requests.
- API keys — stored only as a one-way hash; the plaintext key is shown once at creation and never stored.
- Operational telemetry — error and performance traces with secrets redacted, used to keep the Service reliable.
2. How we use data
To provide and secure the Service, authenticate you, meter usage and bill your plan, fetch and convert the URLs you submit, prevent abuse, and diagnose problems. We do not sell your personal data.
3. Sub-processors
We rely on the following third parties to operate the Service. The URLs you submit are shared with the fetching providers to retrieve content; account, billing, and telemetry data are shared with the others as needed:
- Supabase — authentication and application database.
- Stripe — payment processing and subscription billing.
- Railway — API hosting.
- Vercel — website / storefront hosting.
- Sentry — error and performance telemetry.
- Scrape Creators, scrape.do, and Kernel — fetching providers that retrieve the content at the URLs you submit.
4. Retention
Account, billing, and usage records are retained for as long as your account is active and as required for legal, tax, and accounting purposes. Cached fetch results expire automatically. You may request deletion of your account data as described below.
5. Your rights
Depending on your location (e.g. GDPR/CCPA), you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at support@contextplusplus.dev. We will respond within the timeframe required by applicable law.
6. Security
We encrypt data in transit, hash API keys, redact secrets from logs and telemetry, and validate outbound requests to block access to private/internal network addresses. No method of transmission or storage is perfectly secure.
7. Contact & controller
The data controller is CONTEXT PLUS PLUS INC, Bogert 54 Street, New Jersey, United States. For any privacy question or request: support@contextplusplus.dev.