Effective Date: March 29, 2026 | Last Updated: March 29, 2026
Account Data: Email address, display name, hashed password, subscription tier.
Usage Data: Queries submitted, council sessions, agent interactions, API usage metrics.
API Credentials: Third-party API keys you provide (Anthropic, OpenAI, Google, Mistral) — stored encrypted.
Payment Data: Processed by our payment provider (Stripe). We do not store credit card numbers.
Marketplace Data: Agent listings, reviews, purchase history.
Passwords: bcrypt hashed (never stored in plaintext).
API keys (yours): SHA-256 hashed. The full key is shown once at creation and never again.
Third-party API keys: Stored with encryption at rest.
Session data: Stored in our database, accessible only to your account.
Account data: Retained while your account is active. Deleted within 30 days of account deletion.
Query history: Retained for 90 days, then automatically purged.
API logs: Retained for 30 days for debugging and abuse detection.
You may: access your data, request deletion, export your data, update your information, and withdraw consent for optional processing. Contact [email protected].
When you use third-party models (Anthropic, OpenAI, etc.), your query content is sent to those providers subject to their privacy policies. When using the platform default (Qwen 3 8B), queries are processed on our own infrastructure.
We use minimal cookies: a JWT authentication token stored in localStorage (not a cookie). No third-party tracking cookies.
Privacy inquiries: [email protected]