Privacy Policy

1. Introduction

Eikon Solutions ("we," "us," or "our") operates ContextVault, a professional AI context management platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

Your privacy and data security are fundamental to our service. We implement individual company encryption keys and enterprise-grade security practices to ensure complete protection of your information.

2. Information We Collect

Information You Provide Directly

• Account Registration: Name, email address, company information, role/title
• AI Operating System Builder: Business information, communication samples, workflow details
• Platform Content: AI contexts, team collaboration data, custom configurations
• Contact Forms: Contact information and inquiry details
• Payment Information: Billing details processed securely through third-party processors

Automatically Collected Information

• Usage Analytics: Platform interaction patterns, feature usage, performance metrics
• Technical Data: IP address, browser type, device information, access timestamps
• Security Logs: Authentication events, access patterns for security monitoring

Information from Third Parties

• Integration Data: Information from connected services (MCP, n8n workflows)
• Professional Networks: Public business information for account verification

3. How We Use Your Information

Core Service Provision

• Providing systematic AI context management platform services
• Generating personalized AI Operating Systems through our assessment tool
• Facilitating team collaboration and context sharing within your organization
• Supporting enterprise workflow integrations and automation

Professional Services

• Delivering consulting services related to systematic context engineering
• Providing technical support and platform guidance
• Developing custom integrations for enterprise clients
• Training and onboarding for systematic AI implementation

Platform Improvement

• Analyzing usage patterns to improve platform performance and features
• Conducting security monitoring and threat detection
• Developing new capabilities based on systematic methodology
• Ensuring optimal resource allocation and system scaling

4. Data Protection and Security

Technical Security Measures

• Encryption in Transit: All data transmission uses TLS 1.3 encryption
• Encryption at Rest: Database and file storage encrypted with AES-256
• Access Controls: Role-based permissions and multi-factor authentication
• Network Security: Firewall protection and intrusion detection systems
• Regular Audits: Security assessments and penetration testing
• Backup Systems: Encrypted, geographically distributed backups

Operational Security

• Employee background checks and security training
• Least-privilege access principles for all system access
• Comprehensive audit logging and monitoring
• Incident response procedures and notification protocols

5. Data Sharing and Disclosure

Limited Disclosure Circumstances

• Service Providers: Encrypted data processing by verified vendors (hosting, payment processing)
• Legal Requirements: Compliance with valid legal process, court orders, or government requests
• Safety Protection: Preventing fraud, abuse, or threats to user or public safety
• Business Transfers: Corporate transactions (with continued privacy protection guarantees)

Aggregated Analytics

We may use aggregated, anonymized data for research, platform improvement, and industry insights. This data cannot be traced back to individual companies or users.

6. Data Retention and Deletion

Active Account Data

We retain your data while your account is active and for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements.

Account Termination

• 30-day grace period for data export and account recovery
• Complete data deletion within 90 days of confirmed termination
• Secure destruction of individual encryption keys
• Anonymization of any required audit trail data

Legal Retention

Some data may be retained longer to comply with legal, regulatory, or tax requirements, but always with the same security protections and individual encryption.

7. Your Privacy Rights

Access and Control

• Data Access: Request copies of your personal information
• Data Correction: Update or correct inaccurate information
• Data Deletion: Request deletion of your personal information
• Data Portability: Export your data in structured formats
• Processing Restriction: Limit how we process your information

Communication Preferences

• Opt-out of marketing communications (service communications may continue)
• Adjust notification settings within your account
• Unsubscribe from AI Operating System Builder follow-ups

Exercising Your Rights

To exercise these rights, contact us at privacy@contextvault.io. We will respond within 30 days and may require verification of your identity for security purposes.

8. International Data Transfers

ContextVault primarily operates in the United States. If you access our services from other countries, your information may be transferred to, stored, and processed in the United States.

We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and our robust individual encryption key system that protects your data regardless of location.

9. Third-Party Services and Integrations

Service Providers

• Cloud Infrastructure: Secure hosting with verified providers
• Payment Processing: Stripe for secure billing (PCI DSS compliant)
• Email Services: Resend for transactional communications
• Analytics: Privacy-focused usage analytics

Platform Integrations

Our MCP and n8n integrations are designed to work within your individual encryption boundary. External integrations only access data you explicitly authorize, and all connections maintain the same security standards.

Third-Party Policies

While we carefully vet our service providers, each has their own privacy policies. We recommend reviewing the privacy policies of any external services you choose to connect.

10. Children's Privacy

ContextVault is designed for business use and is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes via email or platform notification at least 30 days before they take effect.

Your continued use of ContextVault after changes become effective constitutes acceptance of the updated Privacy Policy.

12. Contact Information

For questions about this Privacy Policy or our privacy practices, contact us: