Privacy Policy

Last updated: April 30, 2025

Definitions and Interpretation

In this Privacy Policy:

  • "GDPR" means the General Data Protection Regulation.
  • "CCPA" means the California Consumer Privacy Act.
  • "Personal Information" means information that identifies, relates to, describes, or could reasonably be linked to a particular individual.
  • "Service" refers to Cairn AI.
  • "We," "us," and "our" refers to Monument Applications LLC.

Overview

We prioritize your privacy and maintain minimal data collection practices. We never sell your data and only collect what's necessary to provide our service.

Information We Collect

  • Email address (for account identification)
  • Project files and chat history (temporarily stored for service functionality)

How We Use Your Information

  • Email address: Account identification and essential communications
  • Project files: Processed to provide AI assistance
  • Chat history: Maintained for context in conversations

Project files and chat history are automatically deleted after 7 days of inactivity.

Data Sharing

We share your data only with:

  • OpenAI (processes all queries)
  • Your chosen AI provider (Anthropic or Google, if selected)

We do not sell your personal information to anyone.

Data Storage and Security

  • All data is stored in the United States
  • Data is encrypted at rest using encrypted Linux partitions
  • All data transfer occurs via HTTPS

Your Rights

You have the right to:

  • Access your data
  • Delete your data
  • Export your data
  • Modify your data

You maintain a direct copy of all data (chat history and code files) that exists on our backend.

GDPR and CCPA Compliance

For EU/UK users (GDPR) and California residents (CCPA):

  • Data Controller: Monument Applications LLC
  • Legal basis for processing: Contract performance and legitimate interests
  • We do not sell personal information
  • Data is transferred to the US under Standard Contractual Clauses

Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of Colorado, United States, without regard to its conflict of law provisions.

Severability

If any provision of this Privacy Policy is found to be unenforceable or invalid, that provision shall be limited or eliminated to the minimum extent necessary so that this Privacy Policy shall otherwise remain in full force and effect.

Acceptance of Policy

By using our Service, you signify your acceptance of this Privacy Policy. If you do not agree to this policy, please do not use our Service.

Data Breach Procedures

In the event of a data breach affecting your personal information, we will notify you and relevant authorities as required by applicable law.

Changes to This Policy

We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

Dispute Resolution

If you have any concerns or disputes about our Privacy Policy, please contact us first. Any disputes shall be resolved in accordance with our Terms of Service.

Contact Us

For privacy-related questions: [email protected]