Privacy Policy

Last updated: March 5, 2025

1. Introduction

AgentShield ("we", "us", "our") operates the website useagentshield.com and the AgentShield API. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.

2. Information We Collect

Account Information

  • Email address
  • Company name (optional)
  • Password (stored as a hash, never in plain text)

API Event Data

When you send events through our API, we collect:

  • Agent name and event type
  • User input text (what a user asked your agent)
  • Agent output text (what your agent responded)
  • Action taken and monetary values (if provided)
  • Custom metadata (if provided)
  • Timestamp of the event

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers or bank details. We only store your Stripe customer ID and subscription ID for plan management.

Automatically Collected

  • IP address (for security and rate limiting)
  • Browser type and version (from HTTP headers)

3. How We Use Your Information

  • Service delivery: To analyze AI agent events, detect risks, and generate alerts
  • Account management: To authenticate you and manage your subscription
  • Communication: To send verification emails, alerts, and important service updates
  • Improvement: To improve our risk detection algorithms and service quality
  • Security: To detect and prevent fraud, abuse, and unauthorized access

4. Data Storage and Security

Your data is stored in a PostgreSQL database hosted on Render. We implement the following security measures:

  • All connections use HTTPS/TLS encryption
  • Passwords are hashed before storage
  • API keys are unique, randomly generated tokens
  • Database access is restricted to the application only

5. Data Sharing

We do not sell your data. We only share information with:

  • Stripe: For payment processing
  • Resend: For transactional email delivery
  • Render: As our hosting infrastructure provider

We may disclose information if required by law or to protect our rights and safety.

6. Data Retention

We retain your account data for as long as your account is active. Event data is retained for the duration of your subscription. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.

7. Your Rights

You have the right to:

  • Access: Request a copy of your data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and data
  • Export: Request your data in a portable format

To exercise these rights, contact us at noreplyagentshield@gmail.com.

8. Cookies

We use a single session cookie (session_id) to keep you logged in. We do not use tracking cookies or third-party analytics cookies.

9. Children's Privacy

AgentShield is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. The "Last updated" date at the top reflects the most recent revision.

11. Contact

For questions about this Privacy Policy, contact us at noreplyagentshield@gmail.com.