Privacy Policy
Last updated: 2026-06-19
Placeholder. Engage counsel before public launch.
What we collect
- Account info (email; name if provided)
- Billing info (handled by Stripe — we never see your card number)
- Operational telemetry (IP, user-agent, timestamps for each request)
- API keys you upload via BYO (encrypted at rest, never logged)
- Audit log of billing changes, instance lifecycle, and key operations
What we don't collect
We never read the contents of your agent's files, conversations, or uploads. Backups are blob snapshots stored encrypted at our cloud provider; we do not introspect them.
Sharing
We share data only with subprocessors needed to run the service — Stripe (billing), DigitalOcean (compute & backups), Postmark (email), Sentry (errors), Tailscale (network). We don't sell data, ever.
Your rights
You can request export or deletion of your account data at any time by emailing hello@example.com. We respond within 30 days.
Retention
Account data is retained while your account is active. After account deletion: VPS destroyed immediately; snapshots retained 30 days then deleted; ledger anonymized after 7 years (tax purposes).
Security
Data is encrypted in transit (HTTPS/TLS) and at rest (Rails encryption for sensitive fields, provider-side disk encryption for backups). Per-account isolation is enforced at the model layer, with automated tests asserting that cross-account access is blocked.