Privacy Policy

Last updated: July, 2026

In order to ensure transparency and give you more control over your personal information, this privacy policy (“Privacy Policy”) governs how we, DeepCortex Ltd. (“DeepCortex”, “we”, “our” or “us”) use, collect and store personal information that we collect or receive from or about you (“you”) in connection with www.deepcortex.com (the “Website”) and our platform for building, deploying and operating agentic AI processes, workflows and automations (the “Platform”), and the services provided therein (collectively, the “Services”).

We greatly respect your privacy, which is why we make every effort to provide a platform that lives up to the highest user privacy standards. Please read this Privacy Policy carefully, so you can fully understand our practices in relation to personal information. With respect to Israeli privacy law, you are not legally required to provide us with personal information, and the provision of your personal information is voluntary and is provided based on your free will and consent. However, please note that if you choose not to provide certain information, we may not be able to provide you with the full range of the Platform or Services or respond effectively to your requests. Nothing in this Privacy Policy is intended to limit in any way your statutory rights, including your rights to a remedy or other means of enforcement.

Table of contents:

  1. What personal information we collect, why we collect it, and how it is used
  2. How we protect and retain your personal information
  3. How we share your personal information
  4. Your privacy rights
  5. International transfers of personal information
  6. Use by children
  7. Interaction with third party products
  8. Analytic tools / Cookies
  9. Specific provisions applicable under California privacy law
  10. Contact us

DeepCortex provides a platform that enables customers to build, deploy and operate full-stack processes, workflows and automations using agentic AI. DeepCortex functions as a data controller for personal information collected through the Services, as contemplated under this Privacy Policy. When processing Customer Information on behalf of business customers, DeepCortex acts as a data processor (or service provider) subject to the applicable customer agreement and Data Processing Agreement.

This Privacy Policy can be updated from time to time and, therefore, we ask you to check back periodically for the latest version of this Privacy Policy. If we implement material changes in the way we use your personal information, in a manner that is different from that stated at the time of collection, we will notify you by posting a notice on our Website or by other means and take any additional steps as required by applicable law.

1. What Personal Information We Collect, Why We Collect It, and How It Is Used

We Process the Following Personal Information:

Moreover, we process personal information for the following additional purposes:

2. How We Protect and Retain Your Personal Information

3. How We Share Your Personal Information

We may share your personal information as follows:

We use third party service providers to process your personal information for the purposes outlined above, including, without limitation:

To the extent necessary, we may also share personal information with regulators, courts, banks or competent authorities to comply with applicable laws, regulations and rules (including, without limitation, federal, state or local laws), requests of law enforcement, regulatory and other governmental agencies, or court orders, as well as for internal compliance procedures and to protect the safety, security, and integrity of DeepCortex, our Services, customers, employees, property, and the public. We may use or disclose the personal information we collect in order to ensure that our users are complying with all applicable aspects of our policies.

4. Your Privacy Rights

The following rights (which may be subject to certain exemptions or derogations) shall apply to certain individuals (some of which only apply to individuals protected by specific laws):

You can exercise your rights by contacting us at privacy@deepcortex.com. You may use an authorized agent to submit a request on your behalf if you provide the authorized agent written permission signed by you (where this is permitted by applicable law). To protect your privacy, we may take steps to verify your identity before fulfilling your request. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfil your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

Deleting your account: Should you ever decide to delete your account, you may do so by emailing privacy@deepcortex.com. If you terminate your account, any association between your account and personal information we store will no longer be accessible through your account.

Marketing emails – opt-out:You may choose not to receive marketing emails of this type by sending a single email with the subject "BLOCK" to privacy@deepcortex.com. Please note that the email must come from the email account you wish to block. Alternatively, if you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails, and we will process your request within a reasonable time after receipt.

5. International Transfers of Personal Information

In order to run our business and provide our Website and Services to you, we transfer personal information to certain countries around the world, including to our affiliates and service providers, many of whom are located outside of your jurisdiction. Therefore, your personal information may be processed in countries with privacy laws that are different from privacy laws in your country. Whenever personal information is transferred internationally, we ensure it is protected by using Standard Contractual Clauses or other lawful mechanisms:

According to the Israeli law, by providing your consent to this Privacy Policy, you acknowledge and agree that Personal Information relating to you may be transferred to and stored outside the borders of Israel, in accordance with applicable law and for the purposes described herein.

6. Use by Children

We do not offer our products or Services for use by children and, therefore, we do not knowingly collect personal information from, and/or about children under the age of 18. If you are under the age of 18, do not provide any information to us without the involvement of a parent or a guardian. In the event that we become aware that you provided personal information in violation of applicable privacy laws, we reserve the right to delete it. If you believe that we might have any such information, please contact us at privacy@deepcortex.com.

7. Interaction with Third Party Products

The Platform may integrate with, or enable you to connect to, third-party websites, applications, APIs, AI models, and services that are not owned or controlled by us (each, a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect personal information from you or process data transmitted through the Platform. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.

Google User Data & Gmail Read-Only Access

When you connect your Gmail account, DeepCortex accesses Gmail data via Google’s OAuth 2.0 framework and the Gmail API. We only request the gmail.readonly scope, which allows us to view (but not modify) your Gmail messages and settings. We use Gmail data to: (i) detect incoming or existing emails that trigger user-defined workflows; (ii) extract message metadata or content fields (e.g., sender, subject, date, key text) required to execute automations; and (iii) display relevant email data inside your workspace. We never use Gmail data to send, delete, or draft emails; sell or share Gmail data with third parties; or use Gmail data for advertising or training AI models. Gmail-derived data (metadata and parsed content) is stored on Amazon Web Services (AWS) with encryption in transit (TLS 1.2+) and at rest (AES-256). OAuth tokens are encrypted, stored with least-privilege access, and never stored in plain text. We adhere to the Google API Services User Data Policy, including the Limited Use policy. Gmail data is used only to provide or improve DeepCortex’s user-facing features. Gmail data is processed and stored on AWS (United States). We do not transfer Gmail data to other subprocessors without necessity or user consent. You may revoke Gmail access at any time via your Google Account settings at https://myaccount.google.com/permissions.

Data Deletion & Revocation (Google OAuth / Gmail)

If you disconnect Gmail or delete your DeepCortex account, we will permanently delete Gmail-related data from our systems within 7 days. Parsed Gmail data kept for operations or debugging is retained only as long as necessary and typically no longer than 30 days. After revocation (via Google Account Permissions), we stop all new Gmail data collection immediately. Deletion scope includes stored message metadata, parsed content used in automations, and OAuth tokens. You can request confirmation of deletion by emailing privacy@deepcortex.com. This section applies specifically to data obtained through Google OAuth and the Gmail API and should be read together with Sections 3 and 8 of this Privacy Policy.

8. Analytics Tools / Cookies

DeepCortex uses the following analytics tools on the Website and Platform:

We use log files. We use such personal information to analyze trends, administer the Website and Platform, track user movement, and gather demographic information.

We reserve the right to remove or add new analytic tools, cookies, pixels and other tracking technologies.

9. Specific Provisions Applicable Under California Privacy Law

California Privacy Rights: California Civil Code Section 1798.83 permits our customers who are California residents to request certain personal information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@deepcortex.com. Please note that we are only required to respond to one request per customer each year.

10. Contact Us

For any questions, concerns, or to exercise your privacy rights, please contact us at: privacy@deepcortex.com.

Data controller: DeepCortex Ltd.