Privacy Policy

Effective date: April 21, 2026

Who this policy covers

This Privacy Policy applies to Intuitive Context, LLC, including intuitivecontext.com, mythosreport.com, Mythos audit and reporting workflows, client portals, payment flows, and direct communications with us.

Mythos is an Intuitive Context product. When you use Mythos, we collect and process the information needed to run the audit, deliver the report, support the account, and improve the reliability of the service.

Our roles as controller and processor

Intuitive Context acts as a data controller for information about our website visitors, prospects, customers, billing, marketing, and general business operations. In that capacity, we decide what information is collected and how it is used.

When we perform a Mythos audit or other engagement for a customer, the customer is the data controller of any personal information the customer chooses to submit, and Intuitive Context acts as a data processor, processing that information under the customer's instructions and only for the purpose of delivering the engagement. For engagements involving regulated data, large-volume personal data, or data originating in jurisdictions that require it, a separate written data processing agreement may apply on request.

Information we collect

• Contact and account information, such as name, email address, company, role, and communication preferences.
• Billing and transaction information, including product purchased, payment status, invoices, subscription status, and refund history. Payments are processed by Stripe; we do not store full payment card numbers on our servers.
• Mythos audit inputs, such as company name, domain, public website content, competitors, category context, buyer-intent queries, and any notes you choose to submit.
• Usage and device information, such as pages viewed, browser type, referring pages, approximate location derived from IP address, timestamps, and diagnostic logs.
• Communications, support requests, survey responses, and other information you send to us directly.

How we use information

• Deliver audits, reports, consulting work, subscriptions, invoices, and customer support.
• Run Mythos analysis across AI answer engines and prepare visibility, competitor, sentiment, schema, and remediation findings.
• Process payments, renewals, refunds, fraud checks, and account administration.
• Improve product quality, security, analytics, and operational reliability.
• Send transactional messages, service updates, and, where permitted, relevant marketing communications.
• Comply with legal, tax, accounting, security, and dispute-resolution obligations.

How Mythos uses AI providers

To perform a Mythos audit, we may submit prompts, company names, domains, competitor names, public website excerpts, and related category context to third-party AI providers, including OpenAI, Anthropic, and Google. We use the responses to measure how answer engines describe a brand, who they cite, and what remediation work is most likely to improve visibility signals.

Do not submit confidential, regulated, privileged, or highly sensitive information unless we have agreed in writing that it is required for the engagement. Third-party providers process data according to their own terms and privacy commitments.

How we share information

• Service providers that help us host, analyze, secure, email, store, and operate the services.
• Payment processors, banks, and financial partners needed to complete transactions and manage subscriptions.
• AI providers and analysis tools used to perform the Mythos work you request.
• Professional advisors, legal authorities, or counterparties when needed for compliance, safety, legal claims, or a business transfer such as a merger, financing, or sale of assets.
• We do not sell personal information, and we do not share personal information for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act. We also do not share customer audit inputs with third parties for their independent marketing use.

Sub-processors

Intuitive Context uses a small set of sub-processors to operate the services. Current categories and representative providers include:

• Cloud hosting and content delivery.
• Payment processing — Stripe.
• Transactional email — Mailgun.
• Product analytics and measurement — Google Analytics 4.
• AI answer engines used for Mythos analysis — OpenAI, Anthropic, and Google.
• Customer support, scheduling, and internal collaboration tools.
• Customers with an active enterprise engagement can request an up-to-date sub-processor list by emailing [email protected].

International data transfers

Intuitive Context is based in the United States. Your information may be processed in the United States and in any country where a sub-processor operates. For transfers of personal data originating in the European Economic Area, the United Kingdom, or Switzerland, we rely on transfer mechanisms recognized under applicable law, including the European Commission Standard Contractual Clauses and their United Kingdom and Swiss addenda, supplemented by reasonable technical and organizational safeguards.

Your privacy rights

Depending on where you live, you may have rights under applicable privacy laws, including the EU and UK General Data Protection Regulation, the California Consumer Privacy Act as amended, and similar US state laws. Those rights may include:

• Access — request a copy of the personal information we hold about you.
• Correction — ask us to correct inaccurate or incomplete information.
• Deletion — ask us to delete information, subject to legal retention obligations.
• Portability — receive certain information in a structured, commonly used, machine-readable format.
• Restriction and objection — restrict or object to certain processing, including direct marketing.
• Withdraw consent — withdraw consent at any time for processing based on consent, without affecting the lawfulness of earlier processing.
• Do not sell or share — we do not sell personal information or share it for cross-context behavioral advertising as defined under the California Consumer Privacy Act.
• Non-discrimination — we will not discriminate against you for exercising these rights.
• Lodge a complaint — residents of the EEA, the United Kingdom, and other applicable jurisdictions may lodge a complaint with their supervisory authority.
• To exercise these rights, contact [email protected]. We will verify your identity before acting on a request and respond within the timeframe required by applicable law.

Cookies, analytics, and Do Not Track

We use cookies and similar technologies for essential site functions (authentication, session management, security), analytics (understanding site performance and product usage), and limited advertising measurement. You can manage cookies through your browser settings; blocking cookies may affect site functionality.

Because there is no finalized industry standard for how businesses should respond to browser Do Not Track signals, we currently do not change our behavior based on DNT signals. We honor opt-out and deletion requests submitted through the rights process described above.

Retention

We retain information for as long as needed to provide the services, maintain business, financial, and tax records, resolve disputes, meet legal obligations, and support legitimate operational needs. Mythos audit artifacts generated under a customer engagement are retained for the life of the customer account plus a reasonable archival period, unless a written agreement or legal obligation requires a different period.

Security and breach notification

We use reasonable administrative, technical, and organizational safeguards appropriate to the nature of the information, including access controls, encryption in transit, and restricted credential handling. No internet service can be guaranteed to be perfectly secure. If we discover a security incident affecting your personal information, we will notify affected parties and the appropriate authorities as required by applicable law and on a timeline consistent with those requirements.

Children's privacy

The services are intended for business users and are not directed to children under 13. We do not knowingly collect personal information from children under 13.

Changes and contact

We may update this policy as the services change. The effective date above shows when this version took effect. Questions can be sent to [email protected].