Legal

Privacy Policy

How CrossRow collects, uses, and protects your information. We keep this deliberately short and specific, because a privacy policy you cannot read is not much of a promise.

Effective 14 July 2026

This policy explains what personal information CrossRow (“CrossRow,” “we,” “us”) collects when you use our website and application at crossrow.ai and app.crossrow.ai (the “Service”), how we use it, and the choices you have. CrossRow generates synthetic data, so by design the Service does not require you to upload real customer or production data.

1. Information we collect

We collect only what we need to run the Service:

We do not use advertising or analytics tracking cookies. Your session token is stored in your browser’s local storage to keep you signed in, not in a tracking cookie.

2. How we use your information

We do not sell your personal information, and we do not use your submitted schemas or generated data to train our own models.

3. Language-model processing

CrossRow uses large language models to infer the structure of your schema, plan how each column should be generated, and evaluate the quality of the output. To do this, your schema descriptions and small samples of generated data are sent to our language-model providers (currently OpenAI and Anthropic) solely to perform these tasks and return a result. Because the Service generates synthetic data, this material describes the shape of data you want, not your real records.

4. Service providers (sub-processors)

We rely on a small set of infrastructure and processing providers who handle data on our behalf under their own security and privacy commitments:

5. Data retention

We retain your account information for as long as your account is active. Generated datasets remain in your storage until you delete them or close your account. When you delete data or your account, we remove the associated content from active systems, subject to routine backups that expire on a rolling basis.

6. Security

We protect your information with encryption in transit, access controls, and reputable cloud infrastructure. No system is perfectly secure, but because the Service does not require real production data, the sensitivity of what you place in it is materially lower than a system that ingests live records.

7. Your rights

You may access, correct, export, or delete your account information and generated data at any time from within the application, or by contacting us. Depending on where you live, you may have additional rights under laws such as the GDPR or CCPA, including the right to object to or restrict certain processing. We honor valid requests to exercise these rights.

8. International users

CrossRow is operated from and hosted in the United States. If you access the Service from outside the United States, you understand that your information will be processed in the United States.

9. Children

The Service is intended for business use and is not directed to children under 16. We do not knowingly collect personal information from children.

10. Changes to this policy

We may update this policy as the Service evolves. When we make material changes, we will update the effective date above and, where appropriate, notify you.

11. Contact

Questions about this policy or your data can be directed to our contact form.

Terms of Service →