Short version: Your documents and data belong to you. We don't sell them, we don't train AI on them, and we give you full control to delete everything at any time. The sections below explain this in full.
1. Who We Are
Cruxi is a desktop application and associated cloud services that provide a universal AI toolbar, context-aware drafting, and knowledge base capabilities. References to "Cruxi", "we", "us", or "our" in this policy refer to the company operating this service. For questions, contact us at privacy@cruxi.ai.
2. Information We Collect
2.1 Information You Provide
- Account Information: When you sign up, we collect your name, email address, and authentication credentials (via Google OAuth or email/password).
- Documents & Files: Files you upload to create context banks (PDFs, DOCX, XLSX, TXT, images). These are stored securely and used only to power your AI requests.
- Context Names & Notes: Names you give your context banks and any notes you add during the intake process.
- Custom Prompts: Prompts you type into the toolbar or drafting interface.
- Subscription & Billing: Payment information is processed by Stripe. We do not store full card details.
2.2 Information Collected Automatically
- Usage Data: Which features you use, token consumption, action types (e.g. "polish", "draft"), and timestamps.
- Device Information: OS version, app version, and basic system info needed to provide the service.
- Error Logs: Crash reports and error traces to help us fix bugs. These do not include the content of your documents.
3. How We Use Your Information
- Delivering the service: Processing your AI requests, storing your contexts, returning drafts and responses.
- Account management: Authentication, subscription management, billing.
- Product improvement: Aggregated, anonymised usage analytics to understand which features are most useful. We never use your document content for this.
- Support: Responding to your requests. Support staff access is limited to what is strictly necessary.
- Security: Detecting abuse, fraud, and unauthorised access.
4. AI Processing & Your Documents
We do not use your uploaded documents to train AI models — ours or anyone else's.
Your documents are processed by AI models (OpenAI, Anthropic, or similar providers) solely to respond to your requests. We have data processing agreements with all AI subprocessors that prohibit them from training on your content. Prompts sent to external models include only what is necessary to generate your requested output.
Documents are stored encrypted at rest. You can delete any context bank and all associated files at any time from the app — deletion is permanent and immediate.
5. Data Sharing & Disclosure
5.1 We Do Not Sell Your Data
Cruxi never sells, rents, or trades your personal information or documents to any third party, ever.
5.2 Service Providers
We work with a small number of carefully selected service providers:
- Cloud hosting: Google Cloud Platform (servers, storage, databases)
- AI providers: OpenAI, Anthropic — for generating responses to your requests
- Payments: Stripe — for subscription billing
- Analytics: Aggregated, privacy-respecting usage metrics only
5.3 Legal Requirements
We may disclose information when required by law, court order, or to protect the safety of our users or the public. We will notify you where legally permitted.
6. Data Retention
Your account data is retained while your account is active. Uploaded files and context banks are retained until you delete them. When you delete your account, all personal data and documents are permanently deleted within 30 days. Aggregated, anonymised usage statistics may be retained longer.
7. Your Rights
- Access: Request a copy of the personal data we hold about you.
- Correction: Update or correct inaccurate data at any time from your account settings.
- Deletion: Delete your account and all associated data at any time.
- Portability: Export your context banks and usage history.
- Objection: Object to processing for marketing purposes (we don't do this by default).
To exercise any of these rights, email us at privacy@cruxi.ai or use the controls in your account settings. We respond within 30 days.
8. Cookies & Tracking
The Cruxi desktop app does not use tracking cookies. Our website uses only essential cookies (authentication session) and, with your consent, basic aggregated analytics. We do not use advertising cookies or cross-site tracking.
9. Children's Privacy
Cruxi is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.
10. Security
We use industry-standard security measures: encryption in transit (TLS 1.3) and at rest (AES-256), access controls, regular security reviews, and least-privilege access for our team. No system is 100% secure — if you discover a vulnerability, please disclose it responsibly to security@cruxi.ai.
11. Changes to This Policy
We may update this policy as our product evolves. We'll notify you of material changes via email or an in-app notice at least 14 days before they take effect. The "Last updated" date at the top of this page always reflects the current version.
12. Contact
Questions about this policy? Email privacy@cruxi.ai or use our contact form. We read every message.