Data & Privacy

What data we process. What we store. What you control.

This page explains how The Canopy Corporation handles data across Cortex and Canopy Host. We process data on your behalf. You own it. You can export or delete it.

Principles

  • You own your documents, source code, training data, and application data.
  • Customer data is not used to train shared models.
  • EU infrastructure is the default.
  • GDPR export and erasure endpoints are implemented.

Cortex

What Cortex processes.

Cortex processes your documents and queries to provide retrieval-augmented assistant answers with citations.

Documents

PDF, Markdown, HTML, and plain text files are processed into chunks, embeddings, and searchable text inside your project.

Freshdesk / Symphony tickets

Ticket content reaches Cortex via Freshdesk webhooks to generate a draft reply. Drafts are reviewed by your agent inside Freshdesk before sending - Cortex does not send on its own.

Training data

Optional message pairs, examples, and transcripts are used only for adapters scoped to your project. Fine-tuning is an advanced, optional capability.

External sync sources

Optional database or API credentials are encrypted at rest and used only to retrieve your selected source data.

Query context

Your configured model provider receives the query, retrieved chunks, and conversation history if enabled.

Canopy Host

What Canopy Host processes.

Canopy Host processes repository, deployment, domain, environment, and billing metadata needed to deploy your applications.

Git repository

Canopy Host reads your repo for builds. Raw source code is not persisted after the build completes.

Environment variables

Values are stored as secrets, not logged, and not exposed in build output.

Project configuration

Repo URL, build settings, domain configuration, deployment history, build logs, and database configuration are stored.

Billing data

Stripe processes payment information. Canopy does not store card numbers or payment credentials.

Who owns your data

You own your content.

Your documents, training data, source code, and application data are yours. We process them only to operate the service. The Canopy Corporation does not claim ownership beyond what is necessary to provide the products.

What we do not store

  • Plaintext provider API keys.
  • Source code after Canopy Host builds complete.
  • Raw card numbers or payment credentials.
  • Data from other customers in your project.

Retention

How long data is kept.

Active data is retained while your account or subscription is active. Deleted or closed-account data is purged according to product retention windows.

Cortex active dataRetained while subscription is activeActive
Cortex soft-deleted dataHard-purged after the default 90-day windowConfigured
Cortex audit logsRetained for 12 months, configurable for EnterprisePolicy
Canopy Host build logsRetained for 30 days per buildPolicy
Account closureData retained for 30 days, then permanently purgedPolicy

Your GDPR rights

You can export or delete your data.

Cortex and Canopy Host expose erasure and portability endpoints. Email privacy@canopy.pm if you need help exercising these rights or need a Data Processing Agreement.

Cortex deleteDELETE /dashboard/meArt. 17
Cortex exportGET /dashboard/me/exportArt. 20
Canopy Host deleteDELETE /account/gdprArt. 17
Canopy Host exportGET /account/gdpr/exportArt. 20

Sub-processors

Who processes data on our behalf.

This list is current as of June 2026. We will update this page when sub-processors change.

Hetzner Online GmbH Infrastructure hosting in EU data centres Application data
Stripe, Inc. Payment processing Billing and payment information only
Supabase Inc. Authentication infrastructure for Canopy Host User authentication credentials
OpenAI / Anthropic AI generation for Cortex queries if configured by you Query text and retrieved document context
Plausible Analytics Privacy-preserving website analytics Anonymised page views

Data residency

Application data is stored in the EU by default.

Cortex and Canopy Host run on Hetzner infrastructure in European data centres. Third-party processors such as Stripe and model providers may process data outside the EU under applicable transfer mechanisms.

Model training policy

Your Cortex knowledge base, documents, conversations, and training datasets are processed solely to power your own assistants within your project boundary. We do not aggregate customer data into shared training pipelines.

Contact

Questions about data handling?

We aim to respond to privacy and GDPR requests within 5 business days. DPAs are available for Team and Enterprise Cortex plans.