General ContextGeneral ContextJoin Waitlist

Privacy Policy

Last updated: February 23, 2026

Introduction

General Context (“we,” “our,” or “us”) operates the General Context platform, which provides UX attestation for AI-generated features. Our service validates that features work for all personas, edge cases, and accessibility requirements before they ship. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Organization name
  • Authentication credentials (managed securely via our authentication provider)

Codebase Data

When you connect your codebase for sandbox validation, we access and process:

  • Repository code: Source code from repositories you authorize us to access, used to build features in sandboxed environments
  • Build artifacts: Snapshots and build outputs generated during sandbox sessions
  • Sandbox results: Diffs, attestation reports, and validation findings produced by AI personas

Integration Data

When you connect third-party services, we access and process data from those services:

  • Slack: Messages and threads where you interact with our bot to describe feature ideas and receive attestation results
  • GitHub: Repository access for sandbox builds and pull request creation from validated features

Usage Data

We automatically collect certain information when you use our service:

  • Feature ideas submitted through Slack
  • Sandbox session metadata (duration, status, stack type)
  • Attestation results and validation outcomes
  • Device information and browser type
  • IP address and general location

How We Use Your Information

We use the information we collect to:

  • Build and validate features in sandboxed copies of your codebase
  • Run AI personas that test features for UX quality, edge cases, and accessibility
  • Generate structured attestation reports with findings traced back to your original intent
  • Create pull requests from validated features for engineering review
  • Send attestation results and sandbox status updates via Slack
  • Improve and optimize our service
  • Detect, prevent, and address technical issues or abuse

AI Processing

Our service uses artificial intelligence extensively. This includes:

  • Coding agents that build features against your real codebase in sandboxed environments
  • AI personas (first-time user, power user, edge-case finder, accessibility tester) that exercise features via browser automation
  • Intent classification to route your Slack messages to the appropriate pipeline
  • Attestation generation that traces findings back to your original feature spec

We use third-party AI providers (including Anthropic and OpenAI) for AI processing. Data sent to these providers is subject to their respective privacy policies. We do not use your data to train AI models.

Sandbox Isolation

All feature building and validation occurs in isolated sandbox environments:

  • Sandboxes have no access to your production environment or live data
  • Each sandbox session runs in an isolated container that is destroyed after completion
  • Code changes generated in sandboxes do not affect your production codebase unless explicitly graduated to a pull request
  • Sandbox snapshots are stored on encrypted volumes and scoped to your organization

Data Storage and Security

Your data is stored securely using industry-standard practices:

  • Data is stored in Supabase (PostgreSQL database) with encryption at rest
  • All data transmission is encrypted using TLS/SSL
  • Access tokens for integrations are encrypted and stored securely
  • Sandbox environments run on Modal with isolated compute and encrypted volumes
  • We implement access controls and audit logging

Data Sharing

We do not sell your personal information. We may share your data with:

  • Service Providers: Third-party services that help us operate our platform (hosting, authentication, AI processing, sandbox compute)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

Your Rights

You have the right to:

  • Access: Request a copy of the data we hold about you
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data, including sandbox snapshots and attestation history
  • Disconnect: Revoke access to any connected integrations at any time
  • Export: Request an export of your data in a portable format

To exercise these rights, contact us at privacy@general-context.com.

Data Retention

We retain your data for as long as your account is active or as needed to provide you services. Sandbox sessions and their artifacts are retained for 90 days by default. If you delete your account, we will delete your data within 30 days, except where we are required to retain it for legal or compliance purposes.

Third-Party Links

Our service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date. Material changes will be communicated via email.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

General Context
San Francisco, CA
privacy@general-context.com