Privacy Policy

1. Introduction

SynContext ("we," "us," or "our") provides a Model Context Protocol (MCP) server for shared project context across Claude and other MCP-compatible clients. This Privacy Policy explains what information we collect, how we use it, and what choices you have.

By creating an account or using SynContext, you agree to the practices described in this policy. If you do not agree, please do not use the service.

2. Information We Collect

2.1 Account Information

When you register, we collect:

• Email address — used for authentication, password resets, and service notifications.
• Password — hashed with bcrypt before storage. We never store or have access to your plaintext password.
• API key — generated automatically and stored as a SHA-256 hash. The plaintext key is shown to you once at registration.

2.2 User Content

Content you create or store through SynContext includes:

• Projects — project names, descriptions, and status.
• Context entries — notes, documents, and status updates you store for your projects.
• Decisions — decision logs with rationale and alternatives.
• GitHub connections — if you choose to connect GitHub, your Personal Access Token and linked repositories.

Context entry content, decision text, and GitHub tokens are encrypted at rest using Fernet symmetric encryption (AES-128-CBC with HMAC-SHA256 verification).

AI Provider Memory Boundaries

SynContext stores only the project context, decisions, notes, and connected-service metadata that you or your authorized tools provide to SynContext. Your content remains tenant-scoped: it is isolated to your SynContext account and is not used to access, reconstruct, or infer another service's private memory. SynContext does not query, scrape, synchronize, or infer Claude's native memory or any other AI provider's internal memory. When Claude or another MCP-compatible client connects to SynContext, it can only access the SynContext context that your authenticated account has permission to expose.

Data Minimization and AI Provider Boundaries

SynContext collects user content only when you intentionally create or update projects, context entries, decisions, War Room messages, imports, GitHub connections, or similar SynContext records. We do not access or extract Claude memory, Claude chat history, conversation summaries, or files uploaded to Claude; Claude and other MCP clients may send SynContext only the specific tool inputs you approve. We use this content solely to provide shared project context, decision history, War Room collaboration, export, and related account features, consistent with Anthropic Software Directory Policy §1.D and the disclosure obligations in §3.A. User content remains tenant-scoped, protected according to this policy, and retained only as described in our retention section.

2.3 Usage Data

We collect minimal usage data to operate the service:

• Audit log — records of actions you take (e.g., creating a project, storing context) with timestamps. Used for your activity history and debugging.
• Session tokens — temporary tokens for dashboard authentication, which expire after 24 hours.

We do not use analytics services, tracking pixels, browser fingerprinting, or behavioral tracking of any kind.

3. How We Use Your Information

We use your information to:

• Provide, maintain, and improve the SynContext service.
• Authenticate your identity and authorize access to your data.
• Process payments through Stripe for paid subscriptions.
• Send transactional emails (account verification, password resets). We do not send marketing emails.
• Enforce usage quotas and rate limits based on your subscription tier.
• Respond to support requests.

We do not sell, rent, or share your personal information or content with third parties for advertising or marketing purposes.

4. Data Storage and Security

We take the security of your data seriously:

• Encryption at rest — user content (context entries, decisions, GitHub tokens) is encrypted with Fernet (AES-128-CBC + HMAC-SHA256) before being written to the database.
• Password hashing — passwords are hashed with bcrypt with automatic salt generation.
• API key hashing — API keys are stored as SHA-256 hashes.
• Encryption in transit — all connections to syncontext.dev use TLS 1.3 / AES-256-GCM ciphers.
• Tenant isolation — every database query is scoped to your user ID. Users cannot access each other's data.
• Security headers — HSTS, Content-Security-Policy, X-Frame-Options, and other protective headers are set on all responses.

4.2 Administrator Access

SynContext's administrative tools are designed with a strict metadata-only boundary. Administrators can manage accounts (change subscription tiers, suspend or delete accounts) and view aggregate system statistics, but cannot access, read, or decrypt the content of your context entries, decisions, or any other user-generated data.

This boundary is enforced structurally in the codebase: admin database queries select only metadata fields (identifiers, titles, timestamps, categories) and never include content columns. An allowlist-based helper provides defense-in-depth by stripping any non-metadata fields from admin responses.

Our database is hosted on managed PostgreSQL infrastructure in US East (Virginia). Backups are handled by our hosting provider with daily backups retained for 6 days, weekly backups retained for 1 month, and monthly backups retained for 3 months.

5. Third-Party Services

SynContext uses a limited number of third-party services to operate. We only share the minimum data required for each service to function:

• Stripe — payment processing. Stripe receives your email and payment details when you subscribe to a paid plan. SynContext does not store credit card numbers. Stripe Privacy Policy.
• Resend — transactional email delivery (account verification, password resets). Resend receives your email address to deliver these messages. Resend Privacy Policy.
• Railway — application and database hosting. Railway Privacy Policy.
• Cloudflare — DNS, CDN, and DDoS protection. Cloudflare Privacy Policy.
• GitHub API — accessed only when you connect your GitHub account and interact with repository features. Your GitHub Personal Access Token is encrypted and stored in our database, and is used solely to make API calls on your behalf. GitHub Privacy Statement.

6. Data Retention

• Active accounts — your data is retained for as long as your account is active.
• Account deletion — option to self-delete your account is provided directly through your account dashboard. Upon deletion (or administrative deletion), all personal and tracking details are permanently and immediately removed from active database systems. This includes your profile, subscription linkages, registered OAuth applications, context entries, decisions, version history, sessions, webhooks, and GitHub connections. Deletion also triggers the immediate API-driven cancellation of any active Stripe subscription to prevent future billing. A single minimal, anonymized deletion-event record (containing only the deleted account UUID and a timestamp) is retained persistently in our secure audit log for security, platform integrity, and abuse-prevention purposes; all historical active audit logs associated with your profile are permanently destroyed.
• Session tokens — expire automatically after 24 hours and are cleaned up periodically.
• Password reset tokens — expire after 1 hour.

Deleted data may remain in provider backups until the applicable backup window expires: daily backups are retained for 6 days, weekly backups for 1 month, and monthly backups for 3 months.

7. Your Rights

You have the following rights regarding your data:

• Access — you can view all your data through the dashboard and MCP tools at any time.
• Export — you can export your projects, context entries, and decisions as JSON using the dashboard or the hub_export_project MCP tool.
• Correction — you can update your context entries, decisions, and project details through the dashboard or API.
• Deletion — you can delete individual projects, context entries, or your entire account profile. Deletion from active production databases is permanent and immediate. Residual copies of deleted records stored within secure provider backups are maintained offline and are systematically overwritten in accordance with our 3-month rotation and retention window described in Section 6.
• Portability — the JSON export format is designed to be portable and human-readable.

To exercise any of these rights or if you have questions, contact us at [email protected].

7.1 GDPR Rights — EEA/UK Users

This section applies to users in the European Economic Area (EEA) and the United Kingdom (UK). Taino Software, the operator of SynContext, is the data controller for the personal data described in this Privacy Policy. You can contact the controller at [email protected].

We process your personal data under Article 6(1)(b) of the GDPR to perform our contract with you by providing SynContext, and under Article 6(1)(a) based on your consent when you create an account and choose to use the service.

Section 7 describes self-service access, export and data portability, correction and rectification, and deletion and erasure controls. EEA/UK users may also request restriction of processing, object to processing, withdraw consent at any time, and lodge a complaint with a supervisory authority.

SynContext is operated from the United States. For EEA/UK users, transfers of personal data to the United States rely on the Article 49(1)(a) explicit-consent derogation, consistent with Section 10. To exercise your GDPR rights, use the dashboard, export, or deletion controls where available, or contact [email protected].

8. Cookies and Tracking

The SynContext landing page does not use cookies.

The SynContext dashboard uses browser sessionStorage to store the session token used by most dashboard API and streaming requests. At login, the dashboard also sets a secure, HttpOnly, SameSite=Lax cookie named syncontext_session with a 24-hour lifetime. That cookie supports browser-session flows and is required for certain account-management endpoints, such as Connected Apps.

The syncontext_session cookie is not accessible to JavaScript, including third-party scripts, and is deleted when you log out. Dashboard sessions expire after 24 hours or when you log out.

We do not use Google Analytics, Facebook Pixel, or any third-party tracking or advertising scripts.

9. Children's Privacy

SynContext is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at [email protected] and we will delete it promptly.

10. International Data Transfers

SynContext's servers and database are located in the United States (US East, Virginia). If you access the service from the European Economic Area (EEA), the United Kingdom (UK), or another location outside the United States, your personal data will be transferred to and processed in the United States.

Taino Software is NOT certified under the EU-U.S. Data Privacy Framework; therefore this transfer does not rely on that adequacy decision. US authorities may access personal data under US law, and EEA/UK users may not have equivalent EU judicial redress.

By creating an account or submitting data to SynContext, EEA/UK users give explicit, informed consent to this transfer under Article 49(1)(a) GDPR. Section 4 describes the security safeguards SynContext applies to data in transit, at rest, and across tenant boundaries.

11. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify registered users by email before the changes take effect. The "Last updated" date at the top of this page indicates when the policy was last revised.

Continued use of SynContext after changes become effective constitutes acceptance of the revised policy.

12. Contact

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Email: [email protected]
Website: https://syncontext.dev