CR3SCENDO AI/Privacy Policy

Privacy Policy

Version 1.1 · Effective 2026-04-24

These terms are effective as of 2026-04-24. They may be updated before our platform reaches general availability. Material changes will be communicated to registered users.

Introduction

CR3SCENDO AI, Inc. ("CR3SCENDO AI," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and related services.

Data We Collect

We collect information you provide directly, information generated through your use of our services, and information from third-party sources. Categories include:

  • Account information — name, email address, organization details
  • Business data — formation documents, financial records, compliance filings you create through the platform
  • Payment information — processed securely by Stripe; we do not store full card numbers
  • Usage data — anonymized analytics collected via PostHog
  • AI interaction data — conversation logs and generated outputs, stored per-organization

How We Use Your Data

  • To provide, maintain, and improve the CR3SCENDO AI platform
  • To process transactions and send related information
  • To execute business formations, filings, and compliance tasks on your behalf
  • To power AI-assisted features (with PII redaction before external processing)
  • To send service notifications and updates
  • To detect, prevent, and address fraud or technical issues

AI and PII Protection

All data sent to external AI providers (Anthropic, Google, xAI, Perplexity AI) passes through our ComplianceMux layer, which redacts personally identifiable information (PII) before transmission. Redacted fields include SSNs, EINs, email addresses, phone numbers, and payment card numbers. Token maps for re-hydration are stored ephemerally and expire within one hour.

Sub-Processors

We use third-party sub-processors to deliver our services. For the current list, see our Sub-Processor List. We will update this page when sub-processors change and notify affected customers.

Data Security

We employ industry-standard security measures including TLS 1.3 for data in transit, AES-256-GCM encryption for sensitive data at rest, row-level security for tenant isolation, and immutable audit trails with SHA-256 hash chains.

Data Sovereignty and Portability

You own your data. We provide full data export capabilities with one-click access. There is no lock-in: you may export all your organization data at any time in standard formats.

Your Rights

  • Access and receive a copy of your personal data
  • Request correction of inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict processing of your personal data
  • Data portability: receive your data in a structured, machine-readable format
  • Withdraw consent at any time where processing is based on consent

Contact

For privacy-related inquiries, contact us at privacy@cr3scendo.ai.