Privacy Policy

Effective Date 02/03/2026

Cortaxiom (“we,” “our,” or “us”) respects your privacy and is committed to protecting the information you share with us. This Privacy Policy explains how we collect, use, and protect information when you visit our website or interact with our services.

Information We Collect

We may collect the following types of information:

Information you provide directly, such as your name, email address, business details, and any information submitted through contact forms, onboarding forms, or demos.
Usage and interaction data, such as pages visited, time spent on the site, and general interaction patterns.
Technical information, including browsing type, device information, and IP address, collected through standard analytics tools.

We do not intentionally collect sensitive personal information unless you choose to provide it.

Operational and System Metadata.

When you interact with Cortaxiom services, we may collect and process operational and technical metadata necessary to operate, secure, and maintain the Services. This information may include, without limitations:

System and execution metadata (such as timestamps, request duration, response status codes, and error indicators);
Request volume, rate, and burst patterns;
Message size, token counts, or similar usage metrics (excluding message content by default, unless expressly enabled by the Customer under an applicable subscription or agreement);
Session identifiers generated by the system (hashed or otherwise pseudonymous);
Subscription tier, enabled feature, and usage against defined service limits;
Indicators of anomalous, abusive, or high-risk activity generated by automated or manual safe-guards.

This information is used for operational integrity, security, performance optimization, abuse prevention, and compliance with applicable agreements and obligations.

Data Logging, Monitoring, and Retention

Cortaxiom may collect and retain limited interaction data, system metadata, and usage information in order to operate, secure, and improve the Services. This may include timestamps, request volume, feature usage, error diagnostics, and portions of user interactions necessary for debugging, abuse prevention, performance monitoring, and compliance purposes.

Cortaxiom retains such data only for as long as reasonably necessary to fulfill these purposes, unless a longer retention period is required by law or for legitimate business needs such as dispute resolution or enforcement of our Terms of Service.

How We Use Information

Information collected is used to:

Provide and improve our services
Respond to inquiries and requests
Support onboarding and system configuration
Communication about updates or relevant offerings
Maintain security and operational integrity

We do not sell personal information

Information collected through operational logging may be used to:

Maintain service availability, reliability, and performance across all users;
Enforce subscription tier limits, fair-use policies, and usage boundaries;
Detect, prevent, and respond to misuse, abuse, or attempts to bypass safeguards;
Trigger automated or manual throttling, restriction, or suspension where necessary to protect the Service, Cortaxiom, Customers, or third parties;
Support capacity planning, incident response, and system diagnostics.

Such measures are designed to protect the integrity and stability of the service and are applied using a combination of automated systems and human review, as appropriate.

Artificial Intelligence and Automated Processing

Cortaxiom provides services that incorporate artificial intelligence technologies, including large third-party large language models and related automated processing systems. When users interact with AI-powered features of the Services, the content they submit (including prompts, messages, and related inputs) is processed in order to generate responses and operate platform functionality.

These AI-powered features operate through a combination of Cortaxiom's own systems and third-party AI model providers. User inputs may be transmitted to such providers solely for the purpose of generating outputs, enforcing safety controls, maintaining system reliability, and improving service quality.

Third-Party AI Service Providers

Cortaxiom utilizes third-party service providers to perform AI processing on its behalf. These providers process user inputs only as instructed by Cortaxiom and subject to contractual obligations regarding confidentiality, security, and data protection.

Cortaxiom does not permit third-party AI providers to use Customer Content for their own independent purposes outside of delivering the Services, except as required to comply with applicable law.

AI Systems and Data Use

The Services may use automated processing to generate informational outputs and assist users. Cortaxiom does not use AI-generated outputs as the sole basis for decisions that produce legal or similarly significant effects on individuals.

Interactions with AI demonstrations or systems may be logged for quality, safety, and improvement purposes. These interactions are not used to identify individuals unless explicitly provided by the user.

AI systems are designed to operate with defined boundaries and are not intended to replace professional, legal, or medical advice.

By default, Cortaxiom does not log or retain the full content of messages processed by its AI systems. Standard operation excludes message content from persistent logs.

In limited circumstances, message content may be logged only when explicitly enabled by the Customer, such as within designated enterprise or Elite service tiers, or where required to fulfill a specific support, diagnostic, audit, or contractual obligation agreed to in writing.

Where message content logging is enabled:

It is opt-in and tier-restricted;
It is limited to the scope and duration necessary for the stated purpose;
It is subject to enhanced access controls and retention limits.

Cortaxiom does not log partial message snippets by default and does not use message content for advertising, profiling, or cross-customer analysis.

Information Sharing

We may share information with trusted services providers who support website operations, communications, analytics, and infrastructure. These providers are permitted to use information only as necessary to perform services on our behalf.

We may disclose information if required by law or to protect our rights, safety, or property.

Cortaxiom uses trusted infrastructure and cloud service providers to operate and secure the Services, including providers for application hosting, content delivery, logging, and storage. These providers act as data processors and are permitted to process information solely to perform services on our behalf and in accordance with our instructions.

Cortaxiom does not permit infrastructure providers to use logged information for their own purposes, and does not sell or disclose log data to third parties for advertising or marketing.

Data Security

We implement reasonable administrative, technical, and organizational measures to protect information against unauthorized access, disclosure, or misuse. No system can guarantee absolute security, and use of the site is at your own risk.

Operational logs are logically segregated by Customer and protected through scoped credentials and access controls. Customers do not have access to logs belonging to other Customers.

Access to logged information by Cortaxiom personnel is limited to authorized roles and permitted only where necessary for service operation, support, security, or compliance purposes.

International Data Transfers

Cortaxiom operates globally and may process and store information in jurisdictions different from the user’s place of residence. This includes transmitting data to service providers located in other countries for the purpose of delivering AI-powered functionality and maintaining system infrastructure.

Where required by applicable law, Cortaxiom implements appropriate safeguards to protect personal information transferred internationally.

Third-Party Services

Our Website may include links to third-party services or tools. We are not responsible for the privacy practices of external websites.

Children's Privacy

Cortaxiom services are not directed or intended to/for those under the age of 18, and we do not knowingly collect personal information from children.

Your Choices

You may contact us to request access, correction, or deletion or personal information you have provided, subject to applicable legal and operational limitations.

Operational log retention varies by service tier and configuration. Logs are retained only for as long as reasonably necessary to fulfill the purposes described in the Policy, subject to applicable terms, agreements, and legal obligations.

Customers on eligible service tiers may request modified retention periods or deletion of certain logged data, subject to technical feasibility, contractual terms, and legal requirements.

User Responsibilities

Users are responsible for ensuring that they have the right to submit any content they provide to the Services and for avoiding the submission of sensitive personal information unless expressly permitted. Users should not submit confidential, regulated, or highly sensitive data through AI-powered features unless explicitly authorized by Cortaxiom.

Client-Managed Logging (Enterprise / Elite Services)

Certain enterprise or Elite services may support Customer-managed logging and storage configurations. In such cases, log ownership and long-term retention are controlled by the Customer, and Cortaxiom's access is limited to what is required to deliver the Services and as permitted by the applicable agreement.

Policy Updates

This Privacy Policy may be updated from time to time. Changes will be reflected on this page with an updated effective date.

If you have questions about this Privacy Policy or our data practices, contact us at support@cortaxiom.com.