How we handle your data.

Summary

• Account data: If you use Cortical Chat, you sign in with email + password (handled by our authentication provider).
• Chat data: When not in incognito mode, Cortical stores your conversations and messages in your account so you can return to them.
• API keys: Cortical Chat is bring-your-own-key. If you add provider keys, they are stored in your account so you can reuse them.
• Files: Attachments are processed in your browser. Text files may be included as text in prompts; images may be sent to vision-capable models.
• Third parties: Your prompts are sent to the AI provider you choose, using your API key.

What we collect

Marketing site (non-chat pages) is static and does not intentionally collect personal data except what you choose to send via the contact form, which opens your email client and sends email to info@tizzle.org.

Cortical Chat collects and processes:

• Account information: email address, password (stored/processed by our authentication provider), and optional display name.
• Profile settings: theme preference and whether Memory is enabled.
• API keys you add: provider name, a label, a key preview, and the API key value you submit.
• Conversations & messages (when not incognito): chat titles, selected provider/model metadata, message content, timestamps.
• Memories (if enabled and not incognito): short facts derived from your chats, stored to help personalize future replies.

Incognito mode

If you enable incognito mode, Cortical Chat does not save conversations, messages, or new memories to the Cortical database. Messages are still sent to the AI provider you selected in order to generate a response.

How we use your data

• Provide the service: authenticate you, display your chat history, and let you manage API keys and settings.
• Personalization: if Memory is enabled, store and use "memories" (facts you've shared) to improve continuity across chats.
• Security: prevent unauthorized access to your stored keys and conversations (e.g., per-user access controls in the database).

How prompts and files are processed

Cortical Chat runs primarily in your browser. When you send a message:

• Your message content (and any included file text context) is sent from your browser to the AI provider's API endpoint using the API key you selected.
• If you attach images and select a vision-capable provider, the images are sent to that provider as part of the request payload.
• If you attach a file that appears binary (e.g., PDFs), Cortical Chat will not upload its raw contents as text; it will include a note in the prompt indicating the file was attached.

Third-party services

Cortical uses third-party services to operate Cortical Chat:

• Infrastructure providers: authentication and database storage for your account data (profiles, keys, chats, memories).
• AI providers: when you choose a provider (e.g., OpenAI, Anthropic, Google, etc.), your prompt is sent to that provider using your key. Their handling/retention policies are controlled by them and may vary.

Data retention

• API keys: stored until you delete them in your profile.
• Chats: stored until you delete a conversation.
• Memories: stored until you delete them individually or clear all memories.

Your choices

• Incognito: prevents saving chats/memories to the Cortical database.
• Memory toggle: controls whether Cortical saves new memories from your chats.
• Deletion: you can delete conversations, memories, and API keys in the app.

Security

Cortical uses authenticated access controls so only you can access your stored conversations, memories, and API keys. No system is perfect; please avoid sharing sensitive information in prompts, and keep your provider API keys private.

Changes to this policy

We may update this policy as Cortical Chat evolves. The "Effective" date above will reflect the latest version.