Privacy Policy

1. Information We Collect

Account Information: Name, email address, and company name when you create an account.

Skill Files: Code and configuration files you submit for vetting and listing on the marketplace.

Payment Information: Payment processing is handled by Stripe. We do not store credit card numbers. Stripe processes transactions in accordance with PCI-DSS standards.

Usage Data: How you interact with the Service, including pages visited, features used, and timestamps.

Vetting Data: Scan results, sandbox execution traces, and security analysis generated during the vetting process.

2. How We Use Your Information

• To provide and maintain the Service
• To process vetting submissions and assign verification tiers
• To send notifications about vetting results, purchases, and account activity
• To process payments and manage subscriptions
• To improve our Service through analytics and usage patterns
• To communicate important updates and changes

3. Third-Party Services

We use the following third-party services that may process your data:

• Clerk — Authentication and identity management. See clerk.com/privacy
• Stripe — Payment processing. Card data never touches our servers. See stripe.com/privacy
• Resend — Email delivery for notifications. See resend.com/privacy
• Turso — Database hosting. See turso.tech/privacy
• Vercel — Application hosting and deployment. See vercel.com/privacy

4. Cookies and Tracking

We use minimal cookies necessary for authentication and security. We do not use advertising trackers, sell user data, or employ cross-site tracking. Essential cookies include session tokens managed by Clerk for authentication.

5. Data Retention

• Active accounts: Data is retained for the duration of your account
• Deleted accounts: Personal data is deleted within 30 days of account deletion
• Vetting traces: Stored for quality improvement and audit purposes
• Transaction records: Retained as required by financial regulations

6. Your Rights

You have the right to:

• Access — Request a copy of your personal data
• Correction — Update or correct your information
• Deletion — Request deletion of your personal data
• Export — Download your data in a portable format
• Opt-out — Unsubscribe from non-essential communications

To exercise these rights, contact hello@agentvet.io.

7. Vetting Data

When you submit a skill for vetting, our system analyzes the code through static scanning and optional sandbox execution. This generates security reports and execution traces. These traces are stored to:

• Provide you with detailed vetting feedback
• Improve our vetting algorithms over time
• Maintain an audit trail for trust and transparency

8. Security

We implement reasonable security measures including encryption in transit (TLS), access controls, and secure authentication via Clerk. Sandbox testing runs in isolated Docker containers to prevent submitted code from affecting our systems. However, no system is completely secure, and we cannot guarantee absolute security.

9. Children's Privacy

AgentVet is not directed at children under 13. We do not knowingly collect personal information from children. If we learn we have collected data from a child under 13, we will delete it promptly.

10. International Users

AgentVet is a global service. If you are accessing the Service from the European Economic Area (EEA), you have additional rights under GDPR, including the right to lodge a complaint with your local supervisory authority. We process data based on legitimate interest and contractual necessity.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via email at least 30 days before taking effect. Your continued use of the Service after changes constitutes acceptance.

12. Contact

For privacy-related questions or data requests, contact hello@agentvet.io.