Back to Home

Privacy Policy

Last updated: May 22, 2026. Your privacy matters to us. This policy explains how AgentX collects, uses, and protects your data.

1. Information We Collect

AgentX collects only the information strictly necessary to provide and improve our services. This includes: your email address and display name provided during account registration; API usage telemetry such as agent invocation counts, task completion rates, and error logs; hardware verification identifiers used exclusively for access control; and session tokens managed by our authentication provider (Supabase) to maintain secure login state.

We do not collect browsing history outside of our application, personal financial information beyond what is required for billing, or the contents of your local development files unless you explicitly submit them through our agent services.

2. How We Use Your Information

Your information is used to authenticate and authorize access to the AgentX platform, process credit-based billing transactions, provide real-time system health monitoring and guardian alerts, improve agent performance through aggregated, anonymized usage analytics, and communicate critical security updates or service announcements. We never sell, rent, or share your personal data with third-party advertisers.

3. Data Storage & Security

All user data is stored in Supabase-hosted PostgreSQL databases with row-level security enabled. Authentication tokens are encrypted using industry-standard AES-256 encryption. API keys are never stored in plaintext and are transmitted exclusively over HTTPS connections. The AgentX chaos engine operates in an isolated sandbox environment — injected fault vectors never interact with real production data or user-owned infrastructure unless explicitly configured by an authorized administrator.

Our server-side proxy architecture ensures that all backend communication is authenticated at the edge, preventing unauthorized access even in the event of endpoint discovery. Hardware verification locks add an additional layer of physical security to prevent credential reuse across unauthorized devices.

4. Data Retention

Active account data is retained for the duration of your subscription. Upon account deletion, all personal data is purged from our primary databases within 30 days. Anonymized usage aggregates may be retained indefinitely for platform improvement purposes. Chaos engine logs and attack simulation results are retained for 90 days for audit and compliance purposes, then automatically purged.

5. Your Rights

You have the right to access, correct, or delete your personal data at any time. You may export your account data in a machine-readable format by contacting our support team. You may withdraw consent for non-essential data processing at any time without affecting core platform functionality. If you are a resident of a jurisdiction with specific data protection laws (such as GDPR or local privacy regulations), you retain all rights granted under those frameworks.

6. Cookies & Local Storage

AgentX uses browser local storage to maintain session state (authentication tokens), user theme preferences, and hardware verification status. We do not use third-party tracking cookies. Essential cookies are used solely for authentication and security purposes through our Supabase integration. No advertising or analytics cookies are deployed.

7. Third-Party Services

AgentX integrates with Supabase for authentication and database management, and our backend infrastructure runs on privately hosted servers. Each third-party provider is contractually obligated to maintain data protection standards equivalent to our own. We do not integrate with any third-party analytics, advertising, or data brokerage services.

8. Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices or applicable regulations. Material changes will be communicated via email to registered users at least 14 days before taking effect. Continued use of the platform after changes take effect constitutes acceptance of the updated policy.

9. Contact

For privacy-related inquiries, data access requests, or to report a data concern, contact us at privacy@agentx.io. We aim to respond to all privacy requests within 7 business days.