back
CORTICES
privacy policy

last updated: april 14, 2026

1. Information We Collect

When you create a Cortices account, we collect:

  • Account information — email address, username, and hashed password. We never store plaintext passwords.
  • Usage data — agent connection counts, session metadata, and feature usage patterns. This helps us improve the platform.
  • Agent telemetry — system metrics (CPU, memory, uptime) transmitted via heartbeat. We do not access your source code, file contents, or conversation content.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Cortices platform
  • Send product updates and security notifications
  • Respond to support requests

3. Data Security

LLM credentials configured in the Vault are relayed directly to your agent machine via TLS-encrypted WebSocket and stored locally on the agent — they are never persisted on our servers. WebSocket connections are secured via TLS. Session tokens are generated using SHA-256 hashing. We follow industry best practices for infrastructure security, access controls, and incident response.

4. Your Code and Conversations

Cortices acts as a communication relay between your browser and your agents. Conversation history, file metadata, and diff content are persisted on our infrastructure to provide low-latency access across devices and sessions. All stored data is scoped to your account and accessible only by you. Your intellectual property remains yours.

5. Data Retention and Deletion

Account data is retained for as long as your account remains active. When you delete your account, we permanently and irreversibly delete all associated data, including:

  • Account profile, authentication credentials, and API keys
  • All agent registrations, sessions, and conversation history
  • Scheduled tasks, plans, plan run history, and associated state
  • Memories and notifications

Deletion is performed immediately upon request and is irreversible. No copies are retained in backups beyond our standard backup retention window of 7 days, after which all residual data is purged. You may request account deletion at any time by contacting [email protected].

6. Third-Party Services

We use third-party services for infrastructure hosting. These providers are contractually obligated to protect your data and use it only for the services they provide to us. We do not sell your personal information to any third party.

7. Cookies

We use essential cookies for session authentication. We do not use advertising or third-party tracking cookies.

8. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or through the platform. Continued use of Cortices after changes constitutes acceptance of the updated policy.

9. Contact

Questions about this policy? Reach us at [email protected].