PRIVACY POLICY

We collect information you provide and data generated automatically:

• -Account Information: Email, name, and authentication credentials when you create an account.
• -Payment Information: Billing details processed through our payment processor (we do not store full card numbers).
• -Usage Data: Features used, timestamps, API calls, and interaction patterns.
• -Device Information: Browser type, operating system, and device identifiers.
• -Agent Interaction Data: Prompts, responses, tool calls, and execution traces for audit and safety.

If you are in the EEA, we process data under these legal bases:

• -Contract Performance: Processing necessary to provide our services.
• -Legitimate Interests: Improving services, security, and fraud prevention.
• -Consent: Where you have given explicit consent (e.g., marketing).
• -Legal Obligation: Compliance with applicable laws.

• -Service Provision: Provide, maintain, and improve our services.
• -Transactions: Process payments and send related information.
• -Support: Respond to your questions and support requests.
• -Analytics: Monitor usage patterns to improve experience.
• -Security: Detect, prevent, and address security issues.

We do not sell your personal information. We may share data with:

• -AI Model Providers: Anthropic, OpenAI, Google for AI request processing.
• -Infrastructure: Cloud hosting, authentication, and analytics.
• -Payment Processors: Secure transaction processing.
• -Legal Requirements: When required by law or court order.

• -Account Data: Retained while active, plus 30 days after deletion.
• -Agent Logs: 90 days for audit, then anonymized or deleted.
• -Payment Records: 7 years as required by tax regulations.
• -Usage Analytics: Aggregated and anonymized after 12 months.

EEA residents have the following rights:

• -Access: Request a copy of your personal data.
• -Rectification: Request correction of inaccurate data.
• -Erasure: Request deletion ("right to be forgotten").
• -Restriction: Request restriction of processing.
• -Portability: Request data in machine-readable format.
• -Object: Object to processing based on legitimate interests.

Contact: [email protected]

• -Right to Know: Request disclosure of data collected, used, and shared.
• -Right to Delete: Request deletion of your personal information.
• -Non-Discrimination: We will not discriminate for exercising rights.

Submit requests: [email protected] with subject "CCPA Request"

We implement industry-standard security including encryption in transit (TLS) and at rest, access controls, and regular security audits. No method is 100% secure, but we are committed to protecting your data.