CTRON Loop

Public policy

Privacy Policy

This policy describes the information CTRON Loop stores and processes to operate the product, how BYOK task execution affects data flows, and what controls customers have inside the app.

Last updated: June 21, 2026

1. Information we collect

  • Account and profile data, such as email address, workspace name, and company profile details.
  • Uploaded source files and the text or metadata extracted from them so the product can ground outputs in your company context.
  • Encrypted provider-key records, provider status metadata, billing and subscription metadata, and task or loop history.
  • Technical and product-use data required to run the app, maintain sessions, store preferences such as theme or text size, and protect the platform from misuse.

2. How we use information

  • To create and secure accounts and workspaces.
  • To process uploads, retrieve context, run tasks, save outputs, and show history inside the product.
  • To manage subscriptions, enforce plan limits, and provide customer support or operational notices.
  • To protect the service, investigate abuse, debug issues, and improve reliability.

3. How BYOK affects processing

When you run tasks, relevant prompts and grounded context are sent to the AI provider connected to your workspace. Those requests are processed under your provider relationship and are subject to that provider's policies and retention practices.

Provider API keys are stored in encrypted form inside CTRON Loop. We do not display the raw value back to clients after it is saved.

4. Storage and security

Workspace data is designed around row-level isolation so one user's workspace cannot access another user's data through the application layer. Uploaded source files are stored in workspace-scoped paths.

We use reasonable technical and organizational measures to protect the service, but no system is perfectly secure. You should avoid uploading data that requires guarantees beyond the product's current security posture unless you have independently assessed the risk.

5. Sharing

We share data only with the service providers required to operate the product, such as hosting, database, storage, billing, and the AI providers you choose to connect through BYOK.

We may also disclose information when required by law, to enforce our terms, or to protect the rights, safety, and security of users or the platform.

6. Retention and deletion

We keep data for as long as needed to provide the service, maintain records, resolve disputes, and meet legal or security obligations.

You can delete certain resources from within the product, and account or workspace deletion features may remove associated records. Some operational backups or logs may persist for a limited period where required for resilience or compliance.

7. Your choices

  • You can update workspace details, company profile information, provider connections, and certain account settings inside the app.
  • You can cancel a paid subscription through the billing portal.
  • You can stop using the service at any time, subject to any remaining billing obligations for the current paid period.

8. International and legal rights

Depending on where you are located, you may have rights to access, correct, delete, or restrict certain personal data. We will honor mandatory rights that apply to the service under applicable law.

If we materially change this policy, we will update the published version and revise the last-updated date.