ContextAuraContextAura

Privacy Policy

Effective May 20, 2026

ContextAura is a product of Forae Inc., a Canadian corporation ("Forae", "we", "us", or "our"). This Privacy Policy explains how we collect, use, share, and protect information when you use the website at contextaura.com and any related services we operate under the ContextAura brand (the "Service"). ContextAura is a professional readiness tool that helps users get up to speed on a topic in about 10–15 minutes through a structured, AI-assisted session. References to "ContextAura" throughout this policy refer to the Service; the contracting party is Forae Inc.

By using the Service, you agree to the practices described in this policy. If you do not agree, do not use the Service.

1. Information we collect

1.1 Information you provide

  • Account information. When you create an account, we collect your email address and (for some accounts) a display name. If you sign in with Google, we receive your email address and basic profile information from Google.
  • Authentication. If you set a password, it is hashed and stored by our authentication provider (Supabase). We never see or store passwords in clear text.
  • Session content. The topics you submit, the conversation transcript between you and the AI, the generated takeaways, and any short summaries we derive from those are stored in your account so you can revisit them in your session history.
  • Attached documents. If you attach a document (e.g., a PDF, image, or text file) to a session, we store it temporarily in private storage so the AI can read it as context for that session. Attachments are deleted automatically when the session ends, and are not used to train AI models.
  • Payment information. If you purchase a paid plan or a one-off session, payment is processed by Stripe. Stripe receives your card details directly. We receive a customer reference, the amount paid, the plan you purchased, and the status of the subscription. We do not store full card numbers.
  • Communications. If you email us at support@contextaura.com or privacy@contextaura.com, we keep that correspondence to respond to you and for our records.

1.2 Information collected automatically

  • Authentication cookies. Required to keep you signed in. These are essential and not subject to consent.
  • Analytics (with consent). If you accept cookies, we use Google Analytics 4 to understand aggregate usage of the Service (page views, devices, approximate location at the country level). We anonymise IP addresses where supported. You can decline at any time and analytics will not load.
  • Diagnostic logs. Our hosting and database providers retain short-term server logs (IP address, request path, status code, user-agent) for security and reliability. These logs are not used to build user profiles.

2. How we use information

  • To provide, maintain, and operate the Service, including delivering AI-assisted sessions and storing your session history.
  • To authenticate you, secure your account, and prevent abuse.
  • To process payments and manage subscriptions through Stripe.
  • To send transactional emails (sign-in links, password resets, account confirmations, important account or billing notifications).
  • To improve and debug the Service.
  • To comply with legal obligations and enforce our Terms of Service.

We do not sell your personal information. We do not use your session content to train AI models.

3. How we share information

We share information only with the third-party service providers we rely on to operate ContextAura — for example, providers that handle hosting, our database, authentication, AI inference, payments, transactional email, and analytics — and only as needed for those services to function. We require those providers to protect the information they receive and to use it only for the purposes for which we engaged them.

We may also share information when required by law, in response to valid legal process, or to protect the rights, property, or safety of ContextAura, our users, or the public. If ContextAura is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction; we will notify you and give you a chance to delete your account first.

4. Where your data is processed

ContextAura is operated from Canada. Our service providers may process your data in Canada, the United States, or other countries. By using the Service, you consent to your information being transferred to and processed in those countries. We rely on the contractual protections offered by our providers for international transfers.

5. How long we keep information

  • Account and session history — kept while your account is active. You can delete individual sessions any time (feature coming) or request deletion of your entire account by emailing privacy@contextaura.com.
  • Attached documents — kept only for the duration of the session they're attached to. We delete the stored copy automatically when the session ends, with a fallback cleanup if the session terminates unexpectedly.
  • Payment records — kept for as long as required for tax and accounting purposes (typically 6–7 years in Canada).
  • Diagnostic logs — typically 7–30 days, depending on the provider.
  • Backups — encrypted backups may persist for up to 30 days after deletion before being purged.

6. Your rights

Depending on where you live, you may have rights to access, correct, export, restrict, or delete your personal information, and to object to or withdraw consent for certain processing. To exercise any of these rights, email privacy@contextaura.com from the email address on your account. We will respond within the timeframes required by applicable law.

You can withdraw analytics consent at any time by clearing the ca_cookie_consent entry in your browser's local storage (or by using your browser's site-data controls) and reloading the page; the cookie banner will reappear.

7. Security

We use industry-standard measures including TLS in transit, encrypted storage, role-based database access via Row Level Security policies, and short-lived authentication tokens. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security. If we become aware of a breach affecting your personal information, we will notify you in accordance with applicable law.

8. Adults only

ContextAura is intended only for individuals who have reached the age of legal majority in their jurisdiction (typically 18 or 19, depending on where you live). The Service is not directed to, and we do not knowingly collect personal information from, anyone below that age. If you believe we have collected information from a person who is not of legal majority in their jurisdiction, please contact privacy@contextaura.com and we will promptly delete it.

9. Third-party links

The Service may contain links to other websites (for example, our service providers' pages). Their privacy practices are not covered by this policy.

10. Changes to this policy

We may update this Privacy Policy from time to time. The "Effective" date at the top of the policy reflects the latest version. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

11. Contact

The data controller for the Service is Forae Inc., a corporation organised under the laws of Canada with its principal place of business in Alberta. Privacy questions, data-rights requests, or concerns: privacy@contextaura.com.

General support: support@contextaura.com.

+New sessionPrivacy Policy — ContextAura