Privacy terms aligned to CTL Web's implemented data flows.

1. Scope

This Privacy Policy applies to CTL Web and related Core Trail Labs surfaces implemented with this repository, including the public website, account registration and login pages, user and admin pages, checkout review and optional prefill flows, desktop auth handoff routes, and CTL Web diagnostics artifacts.

A separate authentication, billing, or third-party service may apply additional privacy terms if you are redirected away from CTL Web.

2. Information you provide directly

You may provide account and operational information directly when using CTL Web.

In the current implementation, CTL Web does not intentionally collect payment card numbers on this surface, and the review flow states that payment and full billing details are handled separately when secure checkout is active.

• Email address and password when you register, sign in, or reset access.
• Verification request data needed to send an email verification message, including email address, user ID, and verification token.
• Optional checkout prefill data you choose to enter, such as billing email, full name, and company name.
• Any information you intentionally submit through account, workspace, or admin actions.

3. Information received from CTL control-plane and auth services

CTL Web receives account and subscription context from linked control-plane and authentication endpoints in order to render the correct user state and enforce access boundaries.

• User identifiers, workspace identifiers, and email address.
• Lifecycle state, default route, roles, and entitlement flags such as launcher, product, or admin access.
• Subscription details such as state, plan ID, billing mode, and account or workspace assignment.
• Limited account snapshot data used to complete desktop launcher sign-in flows.

4. Cookies, session storage, and browser-local state

CTL Web uses cookies and browser session storage to preserve login state, synchronize auth context, and keep temporary checkout state across pages.

These values are controlled by the browser session, explicit logout or clearing actions, and token expiry settings used by the application.

• `ctl_user_access_token` in cookies and session storage for short-lived authenticated access.
• `ctl_user_refresh_token` in cookies and session storage for longer-lived session continuation where available.
• Checkout selection, checkout prefill, activation summary, and checkout session records stored in browser session storage.
• Theme preferences and other non-account client display state when relevant to the current page.

5. Diagnostics and telemetry we keep

CTL Web records limited operational diagnostics to help with debugging, integrity checks, and support workflows. The diagnostics policy in this repository is intentionally bounded.

• Endpoint availability counters and event classes such as timeout, 5xx, malformed envelope, or blocked responses.
• Last reason code and support code associated with endpoint failures.
• Admin claim verification failure counters by reason code.
• API mode-switch counters.
• JWKS cache, fetch, failure, rotation, and unknown-key signals used for admin claim verification health.

6. Diagnostics and telemetry we do not intend to keep

The repository's diagnostics policy is designed to avoid persisting raw secrets or full identity payloads in its operational store.

Specifically, CTL Web diagnostics are intended not to store raw JWTs, JWT signatures, subject identifiers, full claim payloads, session cookies or headers, private keys, or other secrets.

7. How we use information

Core Trail Labs uses the information processed by CTL Web to operate the service, authenticate users, render the correct account and subscription state, verify email ownership, support desktop auth handoff, and protect the integrity of the platform.

We also use limited diagnostics and telemetry to detect failures, abuse, authorization problems, and runtime readiness issues.

8. Sharing and service providers

We may share data with the control-plane, authentication, hosting, logging, and email-delivery services that are needed to operate CTL Web.

For example, verification emails may be sent through configured SMTP infrastructure, and account or entitlement reads may be fulfilled by linked CTL backend services.

This repository does not describe CTL Web as selling personal information.

9. Retention

Browser-side tokens and session state generally remain until they expire, are refreshed, are cleared by the application, or are removed by you. Short-lived access cookies are configured for approximately fifteen minutes, while refresh cookies may persist longer when enabled.

Checkout prefill and related browser session values persist only in client-side session storage unless moved to another system by a later authenticated flow.

Diagnostics files are treated as operational artifacts. The repository guidance states they should not be committed as environment-specific runtime dumps unless needed for QA evidence workflows.

10. Security

CTL Web uses technical and architectural controls such as bounded diagnostics, token handling, authorization checks, and fail-closed integration patterns to reduce risk.

No system is perfectly secure, so you should also protect your credentials, devices, and local browser session.

11. Your choices and updates

You can choose not to provide optional checkout prefill information, sign out to clear active session state, and clear relevant browser cookies or session storage on your device.

Core Trail Labs may update this Privacy Policy from time to time. When it does, it will post the revised version here and update the effective date.

12. Questions

For privacy questions about CTL Web, use the official contact, support, or account-management channels published by Core Trail Labs on its website or within authenticated workspace surfaces.