Agent-ShieldBack to Login

Privacy Policy

Last updated: January 6, 2025

1. Introduction

Agent-Shield ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service, including our website, APIs, and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Service.

2. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Password (encrypted and hashed)
  • Account creation date
  • Email verification status

Usage Data

When you use the Service, we automatically collect:

  • Agent call logs (timestamps, agent IDs, tool calls, security alerts)
  • API key metadata (key names, creation dates, last used dates, revocation status)
  • Security policies (policy names, rules, severity levels)
  • Monthly usage statistics (number of agent calls per month)
  • IP addresses (for security and abuse prevention)
  • Browser type and version
  • Device information

Agent Interaction Data

To provide security monitoring, we collect:

  • Agent prompts and inputs (for security analysis)
  • Tool names and function calls
  • Security verdicts (allow/block decisions)
  • Alert details (when security policies are triggered)
  • Agent metadata (agent IDs, names, descriptions)

Note: We do NOT store the actual responses or outputs from your agents - only the security-relevant metadata needed to protect your application.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Monitor and analyze agent security in real-time
  • Detect and prevent security threats, abuse, and fraud
  • Enforce our rate limits and usage policies
  • Send you technical notices, updates, and security alerts
  • Respond to your comments, questions, and customer support requests
  • Generate analytics and usage reports for your dashboard
  • Comply with legal obligations and enforce our Terms of Service

4. Data Storage and Security

Where We Store Your Data

Your data is stored securely using Google Firebase services, including:

  • Firebase Authentication: Account credentials and authentication tokens
  • Cloud Firestore: Agent calls, policies, alerts, and usage data
  • Cloud Functions: Real-time security processing

All data is stored in Google Cloud Platform data centers with enterprise-grade security and encryption at rest and in transit.

Security Measures

We implement industry-standard security measures to protect your data:

  • SSL/TLS encryption for all data transmission
  • Encrypted password storage using bcrypt hashing
  • API key encryption and secure key management
  • Firestore security rules to prevent unauthorized access
  • Regular security audits and monitoring
  • Rate limiting to prevent abuse

Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you via email within 72 hours of becoming aware of the breach, as required by applicable data protection laws.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service:

  • Account data: Retained until you delete your account
  • Agent call logs: Retained for 90 days for analytics and security purposes
  • Security alerts: Retained for 90 days or until manually dismissed
  • Usage statistics: Retained for 12 months for billing and analytics
  • API keys: Retained indefinitely until manually revoked

After you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain certain information for legal or regulatory purposes.

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: We share data with Google Firebase and Google Cloud Platform to provide hosting, storage, and infrastructure services.
  • Legal Requirements: We may disclose your information if required by law, court order, or government regulation, or to protect our rights and safety.
  • Business Transfers: If Agent-Shield is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • With Your Consent: We may share your information for any other purpose with your explicit consent.

7. Your Rights and Choices

You have the following rights regarding your personal information:

Access and Portability

You can access and export your data at any time through your dashboard. Contact us at support@agent-shield.com to request a complete copy of your data.

Correction

You can update your account information (email) through your account settings page.

Deletion

You can delete your account at any time through your settings page or by contacting us. Upon deletion, all your personal data will be removed within 30 days.

Objection and Restriction

You can object to or restrict certain data processing activities by contacting us. However, this may limit your ability to use certain features of the Service.

Opt-Out

You can opt out of marketing emails by clicking the "unsubscribe" link in any email we send. Note that you cannot opt out of essential service-related emails (e.g., security alerts, account notifications).

8. GDPR Compliance (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your personal data based on:

  • Consent: You have given explicit consent for us to process your data
  • Contract: Processing is necessary to perform our contract with you (Terms of Service)
  • Legitimate Interests: Processing is necessary for our legitimate interests (e.g., fraud prevention, security)

Data Protection Officer

For GDPR-related inquiries, please contact our data protection officer at: privacy@agent-shield.com

Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

9. Children's Privacy

Agent-Shield is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you are under 13, please do not use the Service or provide any information to us.

If we learn that we have collected personal information from a child under 13, we will delete that information as quickly as possible. If you believe we have collected information from a child under 13, please contact us at support@agent-shield.com.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to provide and improve the Service:

  • Authentication Cookies: To keep you logged in and maintain your session
  • Preference Cookies: To remember your settings (e.g., theme, language)
  • Analytics: To understand how users interact with the Service (we use Firebase Analytics)
  • Security: To detect and prevent fraudulent activity

You can control cookies through your browser settings. However, disabling cookies may affect your ability to use certain features of the Service.

11. International Data Transfers

Agent-Shield is based in the United States. If you are accessing the Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

By using the Service, you consent to the transfer of your information to the United States and other countries that may have different data protection laws than your country of residence. We ensure that such transfers comply with applicable data protection laws through appropriate safeguards such as standard contractual clauses.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date at the top of this Privacy Policy
  • Sending you an email notification (for material changes)

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated terms.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: support@agent-shield.com

Privacy Inquiries: privacy@agent-shield.com

GDPR Inquiries: privacy@agent-shield.com

We will respond to your inquiry within 30 days.

Terms of ServiceBack to Home