Privacy Policy

1. Introduction

Contextra Labs ("we", "our", "us") operates the Contextra Labs Governance extension for Azure DevOps and the website at contextra-labs.com. This Privacy Policy explains how we collect, use, and protect information when you use our extension and visit our website.

2. Information We Collect

Extension Usage

Contextra Labs Governance is a zero-backend, client-side extension. We do not collect, transmit, or store your documentation content, wiki pages, or governance data on any external servers. All data remains within your Azure DevOps environment, specifically:

• Documentation content is stored in your Azure DevOps Wiki Git repository
• Governance metadata (approval records, lifecycle states, audit logs) is stored alongside your wiki pages as JSON files in the same repository
• Offline data is stored locally in your browser's IndexedDB storage

Website

When you visit our website at contextra-labs.com, we may collect:

• Standard web server logs (IP address, browser type, pages visited)
• Information you voluntarily provide when contacting support via email

3. How We Use Information

We use the limited information we collect to:

• Respond to support requests and inquiries
• Improve our website and extension
• Ensure the security and stability of our services

We do not sell, rent, or share your personal information with third parties for marketing purposes.

4. Data Storage & Security

Since Contextra Labs Governance operates entirely within your Azure DevOps environment:

• Your documentation data never leaves Azure DevOps. We have no access to your wiki content, governance records, or audit logs.
• All data is protected by your organization's existing Azure DevOps security policies, permissions, and access controls.
• The extension uses Azure DevOps REST APIs and Git APIs to read and write data — all authenticated through your organization's Azure DevOps identity provider.
• Offline data stored in IndexedDB is local to your browser and device.

5. Third-Party Services

The extension integrates with the following services, all within the Azure DevOps ecosystem:

• Azure DevOps REST APIs — for wiki operations, work item linking, and user identity resolution
• Azure DevOps Git APIs — for reading and writing wiki content and governance metadata
• Draw.io (diagrams.net) — embedded diagramming editor; diagram data is stored in your wiki repository, not on Draw.io servers

No data is sent to any other third-party analytics, tracking, or advertising services by the extension.

6. Azure DevOps Permissions

The extension requests the following Azure DevOps scopes, used solely for its documented functionality:

• vso.wiki — read and write wiki pages
• vso.work — link work items to documentation pages
• vso.graph — resolve user identities for reviewer assignment

These permissions are managed by your Azure DevOps organization administrator and can be revoked at any time by uninstalling the extension.

7. Your Rights

You have the right to:

• Access — request information about any personal data we hold
• Deletion — request deletion of personal data (e.g., support email correspondence)
• Data portability — your documentation data is already in your Azure DevOps environment and fully portable
• Uninstall — remove the extension at any time; all governance data remains in your wiki repository and is accessible as standard files

8. Children's Privacy

Our extension and website are not directed at children under the age of 13. We do not knowingly collect personal information from children.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. We encourage you to review this page periodically.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

support@contextra-labs.com