Cortex.md
Sign in Plans

1. Summary

Cortex.md captures content only when you ask it to. The extension uses active tab access for user-initiated capture instead of reading every page you visit in the background. Your markdown vault stays in the folder you choose on your own device.

Hosted Cortex AI features process only the content needed for the action you trigger, such as a captured page, selected text, a document, selected Gmail or Drive content, retrieved vault excerpts, or a research prompt.

2. Data we process

  • Account data: email address, authentication identifiers, session data, plan tier, subscription status, and account settings.
  • Billing data: Stripe customer and subscription identifiers, plan metadata, billing status, and payment events. Full payment card details are handled by Stripe, not Cortex.md.
  • Usage data: AI feature name, model or provider, credit cost, token counts, timestamps, and error state needed for quota, billing, abuse prevention, and support. Website page and CTA events may be recorded for product analytics, with UTM parameters when present.
  • Local vault data: vault folder handles, indexes, capture queue state, and saved markdown files are stored locally by the extension in browser storage, IndexedDB, or the folder you select.
  • User-triggered content: page content, selected text, note excerpts, documents, Gmail threads, Drive files, YouTube transcript text, questions, prompts, and generated outputs when you choose a feature that needs them.

3. How we use data

We use data to provide the extension, authenticate accounts, enforce plan limits, process subscriptions, run AI actions, prevent abuse, diagnose errors, and provide support.

We do not sell personal data. We do not use advertising trackers or retargeting pixels. We do not build a browsing history from pages you visit. Cortex.md does not intentionally retain AI request content after completing a requested action, though usage metadata is retained for account, billing, quota, reliability, support, and privacy-conscious product measurement.

4. Service providers and AI processors

Cortex.md uses service providers to operate the product. They process data only as needed to provide their services to Cortex.md.

  • Supabase: account authentication, database records, and edge functions.
  • Stripe: checkout, subscriptions, invoices, and billing portal.
  • Anthropic, OpenAI, and Perplexity: hosted AI, embeddings, and web research actions you trigger.
  • Google APIs: Google Drive and Gmail access only after you connect Google and choose an action that uses those integrations.

5. Google API data

If you connect Google Drive or Gmail, Cortex.md requests the scopes needed to browse selected files, read selected Drive content, and read Gmail threads for ingestion into your local vault. Cortex.md uses this data only to provide the user-facing feature you requested.

The use and transfer of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

6. Security and retention

Account sessions are stored in browser storage. Vault content is stored locally in your selected folder unless you separately sync that folder with another tool. Backend systems retain account, subscription, and usage records for as long as needed to operate the service, comply with legal obligations, resolve disputes, and enforce agreements.

No internet service is perfectly secure. If you believe your account or data has been exposed, contact Cortex.md through the support channel listed on the Chrome Web Store listing or from your account page.

7. Your choices

  • You can stop using AI features and continue to keep your local markdown files.
  • You can disconnect Google access through your Google account permissions and stop using Drive or Gmail ingestion.
  • You can cancel paid subscriptions from the Cortex.md account page or Stripe billing portal.
  • You can uninstall the extension. Uninstalling removes extension storage, but files already written to your vault folder remain on disk.
  • You may request account deletion or access to account records through the support channel listed on the Chrome Web Store listing or from your account page.

8. Children

Cortex.md is not intended for children under 13, and we do not knowingly collect personal data from children under 13.

9. Changes

We may update this policy as Cortex.md changes. The updated date at the top of this page shows when the policy was last changed.

Terms of Service Pricing Back to Cortex.md