Alpha Version - Under Active Development
thecontextcache™

Security & Privacy

How thecontextcache™ protects your data

End-to-End Encryption

All your data is encrypted with XChaCha20-Poly1305 under your master key. Your master key never leaves your device and is never sent to our servers.

Key Derivation

We use Argon2id for key derivation, which is resistant to GPU cracking attacks. Each user has a unique salt stored securely in our database.

Zero-Knowledge Architecture

We implement a zero-knowledge architecture where the server never has access to your unencrypted data. All encryption and decryption happens on your device.

Third-Party Services Disclaimer

thecontextcache™ uses various third-party services and tools for development, deployment, and operation including but not limited to:

  • Cloudflare (Frontend hosting & CDN)
  • Google Cloud Run (Backend hosting)
  • Neon (PostgreSQL database)
  • Upstash (Redis cache)
  • Clerk (Authentication)
  • HuggingFace (AI embeddings)

In the event that any of these third-party services experience security vulnerabilities, data breaches, or other incidents, thecontextcache™ is not liable for any damages, losses, or unauthorized access to data resulting from such third-party incidents. Users acknowledge and accept this risk by using our service.

Reporting Security Vulnerabilities

If you discover a security vulnerability, please report it responsibly to:

support@thecontextcache.com

We aim to respond within 48 hours. Critical vulnerabilities will be prioritized.

Our Security Practices

  • SQL injection prevention through parameterized queries
  • JWT authentication with Clerk
  • Rate limiting (300 requests/minute, 5000/hour)
  • CORS protection with whitelisted origins
  • Generic error messages to prevent information leakage
  • Regular security audits and updates
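
An added sketch, not thecontextcache™'s own code, of how the two published rate limits (300 requests/minute, 5000/hour) interact when both are enforced together. The sliding-window algorithm, the in-memory store and the names `DualWindowLimiter` and `first_denial_at_steady_rate` are assumptions; the page does not say how the limits are implemented.

```python
from bisect import bisect_right
from collections import defaultdict

# Limits taken from the page: 300 requests/minute and 5000 requests/hour.
LIMITS = ((60.0, 300), (3600.0, 5000))  # (window in seconds, max requests)


class DualWindowLimiter:
    """Sliding-window log; a request is accepted only if it fits every window.

    Assumes timestamps per client are non-decreasing (monotonic clock).
    """

    def __init__(self, limits=LIMITS):
        self.limits = limits
        self.longest = max(window for window, _ in limits)
        self.log = defaultdict(list)  # client key -> accepted timestamps

    def allow(self, client, now):
        """Return (allowed, retry_after_seconds) for one request at `now`."""
        q = self.log[client]
        # Forget entries older than the longest window.
        del q[:bisect_right(q, now - self.longest)]
        retry = 0.0
        for window, limit in self.limits:
            # Accepted requests inside (now - window, now].
            in_window = len(q) - bisect_right(q, now - window)
            if in_window >= limit:
                # A slot frees when the limit-th newest entry ages out.
                retry = max(retry, q[-limit] + window - now)
        if retry > 0:
            return False, retry  # denied requests are not logged
        q.append(now)
        return True, 0.0


def first_denial_at_steady_rate(per_second=5, seconds=1200):
    """Constructed traffic: one client sending `per_second` requests each second."""
    limiter = DualWindowLimiter()
    sent = 0
    for t in range(seconds):
        for _ in range(per_second):
            ok, retry = limiter.allow("client-a", float(t))
            if not ok:
                return sent, t, retry
            sent += 1
    return sent, None, 0.0
```

A client that stays exactly at the per-minute limit (5 requests/second) never trips it, but exhausts the hourly budget after 5000 requests, 1000 seconds in, and is then blocked until the oldest entries leave the one-hour window.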

Questions about security? Contact us
