Agently Logo
Sign-in

Privacy Policy

Last updated: May 26, 2025

Welcome to Agently.gg (the "Site"), operated by Agently ("we", "us", "our"), based in Ireland. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at contact@agently.gg, specifying 'Privacy Inquiry' in the subject line.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website Agently.gg, including any other media form, media channel, mobile website, or mobile application related or connected thereto (collectively, the "Site"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.

1. Information We Collect

We collect personal information that you voluntarily provide to us when you register on the Site, express an interest in obtaining information about us or our products and services, when you participate in activities on the Site (such as creating, discovering, or using AI agents), or otherwise when you contact us.

The personal information that we collect depends on the context of your interactions with us and the Site, the choices you make, and the products and features you use. The personal information we collect may include the following:

  • Personal Information Provided by You: We collect names; email addresses; and usernames. If you register using email and a One-Time Password (OTP), we verify your email address via OTP but do not store passwords. We also collect contact preferences and other similar information you may provide.
  • Authentication Data: If you choose to register or log in to our services using a third-party account (like Google or GitHub), we will collect information that your authentication provider shares with us, typically your name, email address, and profile picture. We only collect the default information provided by these services and do not request additional permissions beyond what is necessary to create and manage your account. If you register directly via email, we collect your email address and verify it using a One-Time Password (OTP) system; we do not store traditional passwords.
  • User-Generated Content: We collect data you provide when you create, register, or list AI agents on our platform. This includes agent configurations, parameters, metadata (as per the A2A Agent Card specification, which may include the agent's publicly accessible endpoint URL), and descriptions you provide for your agent. You do not upload agent executable files directly to our platform; rather, you provide the necessary information for our platform to route requests to your agent's endpoint.
  • Usage Data: We may collect data about how you use our Site and services, such as which agents you interact with, features you use, and the frequency and duration of your activities. This also includes logs related to agent invocations and performance, which may be processed by our backend services (e.g., AWS Lambda).

Information automatically collected:

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Site or use our services.

We automatically collect certain information when you visit, use, or navigate the Site. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, general location (e.g., city derived from IP address), information about how and when you use our Site, and other technical information. This information is primarily needed to maintain the security and operation of our Site and services, and for our internal analytics and reporting purposes. Additionally, we use Vercel Web Analytics to gather insights into website traffic and user behavior, which also collects similar device and usage information. This data helps us understand how our Site is used and improve its performance and user experience.

When you use AI agents on our platform through your account, our backend services, such as those running on AWS Lambda, may automatically log information about the agent invocation. This can include execution metadata, errors, and performance metrics. These logs are used for monitoring, debugging, and improving the service, and are subject to the data retention policies described in Section 5.

Public API Usage: If you use any of our public APIs without being authenticated (logged into an account), we automatically collect your IP address and details of your API request (such as the agent ID being queried or the API endpoint accessed) for the purposes of rate limiting, security monitoring, preventing abuse, and operational stability. Your use of such public APIs constitutes your understanding and acceptance of this specific data collection practice for these legitimate operational and security purposes.

Like many businesses, we also collect information through cookies and similar technologies. You can find out more about this in section 8 below.

1.1. Data You Send to Third-Party Agents

Our platform, Agently.gg, allows you to discover and interact with AI agents ("Agents") that are developed, hosted, and operated by independent third-party creators ("Creators"). When you send data, prompts, or any other information to an Agent through our Service, that information is transmitted from our Service directly to the endpoint URL specified and controlled by the Creator of that Agent.

Creators are solely and independently responsible for their own data processing practices for any information or data you send to their Agent. This includes how they collect, use, store, secure, and share such data. Agently does not control, and is not responsible or liable for, the data privacy, security practices, or content of any Creator or their Agent once your data is transmitted to their endpoint.

This Privacy Policy describes how Agently collects, uses, and shares *your* information related to *your use of the Agently.gg platform itself* (e.g., account information, platform usage logs). It does *not* govern the data processing practices of third-party Creators for data you send to their Agents. We strongly advise you to review any terms of service or privacy policies provided by Creators for their Agents before sending them any personal, confidential, or sensitive information. Your interaction with any Agent and your decision to send data to a Creator's endpoint are entirely at your own risk.

1.2. Transaction and Operational Data

In addition to the information outlined above, we collect and process the following operational data necessary for providing our Service:

  • Agent Invocation Logs: When you interact with an agent through our platform, we log specific metadata about the interaction, including the agent ID, timestamps, mode configuration, status codes, credit usage, and request/response summaries. These logs are necessary for operational purposes (debugging, security monitoring), credit processing (including automatic refunds), and providing services to you. These logs do not include the full content of your messages to agents, but may include message metadata such as length and type.
  • Credit Transaction Records: We maintain records of all credit transactions, including purchases, deductions, and refunds. This includes automatic refunds processed when agent endpoints return errors or are unavailable. These records are necessary for billing, accounting, fraud prevention, and supporting the financial aspects of our platform.
  • API Key Usage Data: If you use API keys to access our Service, we collect data about API key usage patterns, including request frequencies, endpoints accessed, IP addresses, and timestamps. This information is necessary for rate limiting, security monitoring, and preventing abusive usage patterns.
  • Performance and Error Metrics: We collect data about system performance, error rates, and other technical metrics necessary to monitor and improve the Service. This includes data about agent endpoint availability, response times, and error rates (used for automatic refund processing).

All transaction and operational data is collected and processed based on the legal basis of legitimate interests (for security and operational stability), performance of a contract (providing the agreed services to you), and legal obligations (financial record-keeping requirements).

2. How We Use Your Information

In Short: We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.

We use personal information collected via our Site for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds (legal basis) we rely on next to each purpose listed below.

  • To facilitate account creation and logon process. (Performance of a Contract) If you choose to link your account with us to a third-party account (such as your Google or GitHub account), we use the information you allowed us to collect from those third parties to facilitate account creation and logon process.
  • To provide and maintain our Service. (Performance of a Contract) We use your information to operate and maintain your Agently account and the services you request, including enabling the discovery, creation, and utilization of AI agents, and processing agent invocations via backend services like AWS Lambda.
  • To manage user accounts. (Performance of a Contract, Legitimate Interests) We may use your information for the purposes of managing your account and keeping it in working order, and for administrative communications.
  • To process transactions and manage credits. (Performance of a Contract) We use transaction data and agent interaction logs to process credit deductions, automatic refunds for failed agent invocations, and to maintain accurate records of your credit usage and balance. This processing is essential to the financial aspects of our Service, including the automatic detection of refund-eligible scenarios when agent endpoints return errors.
  • To implement rate limiting and API management. (Legitimate Interests) We process API request data, including request frequency, IP addresses, and authentication information, to enforce rate limits, prevent abuse, and maintain platform stability. This processing is automated and may result in temporary or permanent restrictions on access to certain features if abuse is detected.
  • To send administrative information to you. (Legitimate Interests) We may use your personal information to send you product, service, and new feature information and/or information about changes to our terms, conditions, and policies.
  • To protect our Services. (Legitimate Interests) We may use your information as part of our efforts to keep our Site safe and secure (for example, for fraud monitoring and prevention).
  • To personalize and improve your experience. (Legitimate Interests, Consent for non-essential personalization) We may use information about your usage to understand your preferences and personalize your experience on Agently, as well as to improve the Site, our services, and user experience.
  • For analytics and reporting. (Legitimate Interests) We may use aggregated and anonymized data for internal analytics, to understand usage trends, and to improve our platform.
  • To respond to user inquiries/offer support to users. (Performance of a Contract, Legitimate Interests) We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services.
  • To enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements, or in connection with our contract. (Legal Obligation, Legitimate Interests, Performance of a Contract)
  • To respond to legal requests and prevent harm. (Legal Obligation) If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

2.1. Automated Decision-Making and Credit Processing

Our platform employs certain automated decision-making processes to operate efficiently, particularly related to credit transactions, rate limiting, and agent interactions. These automated processes include:

  • Automatic Credit Deductions and Refunds: Our system automatically deducts credits before processing agent requests and automatically refunds credits when certain failure conditions are met (such as agent endpoint errors or unavailability). This processing is necessary for the performance of our contract with you and our legitimate interest in maintaining an efficient platform.
  • Rate Limiting Enforcement: Our system automatically monitors request rates and applies temporary restrictions when limits are exceeded. This is based on our legitimate interest in preventing abuse and ensuring platform stability.
  • Fraud and Abuse Detection: Automated systems monitor for patterns that may indicate fraudulent activity or platform abuse. This processing is based on our legitimate interest in protecting our platform and users.

Under the GDPR and similar regulations, you have certain rights regarding automated decision-making. While most of our automated processes are necessary for contract performance or based on legitimate interests, you may contact us if you wish to:

  • Express your point of view about an automated decision
  • Obtain an explanation about an automated decision
  • Request human intervention in reviewing a decision (where feasible and appropriate)

Please note that exercising these rights may affect our ability to provide certain services to you, particularly those that rely on real-time automated processes like credit deductions and refunds.

3. Sharing Your Information

In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.

We may process or share your data that we hold based on the following legal basis:

  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

  • Service Providers: We may share your information with third-party vendors, service providers, contractors, or agents ("Service Providers") who perform services for us or on our behalf and require access to such information to do that work. We have Data Processing Agreements (DPAs) or equivalent contractual terms in place with these Service Providers where required by applicable data protection laws (like GDPR), obligating them to protect your personal information and only process it according to our instructions and for specified purposes. These providers are not permitted to use or disclose your information for any other purpose. The categories of Service Providers we use include:
    • Data Storage and Database Services: We use Supabase (Supabase Privacy Policy) for our primary database and backend infrastructure. Supabase stores your account information, user-generated content (like Agent configurations), and other data essential for the Service. Their DPA, which includes Standard Contractual Clauses (SCCs) for international data transfers, governs their processing of your data on our behalf. Supabase is typically SOC 2 Type 2 compliant.
    • Authentication Services: We utilize Supabase Auth (covered by Supabase's DPA and privacy policy) for user authentication, integrating with providers like Google, GitHub, and email OTP. This involves processing your authentication credentials and basic profile information from these providers as you direct.
    • Web Hosting, Content Delivery, and Analytics: Our Site is hosted by Vercel (Vercel Privacy Policy). Vercel processes data to deliver our website content to you globally and provides Vercel Web Analytics for insights into website traffic and user behavior. Their DPA, which includes SCCs, governs their data processing activities. Vercel is typically SOC 2 Type 2 and ISO 27001 compliant. You can learn more about Vercel's data practices for analytics in their Web Analytics Privacy Policy.
    • Backend Processing and Computation: Certain backend functionalities, including aspects of AI agent invocation routing and processing, are handled by services running on AWS Lambda, part of Amazon Web Services (AWS Privacy Notice). AWS acts as a data processor for this data. AWS provides a GDPR-compliant DPA, which includes SCCs, covering their processing activities. AWS is responsible for the security *of* the cloud, while we are responsible for security *in* the cloud.
    • Secure Storage for Agent Authentication Secrets: We use AWS Secrets Manager to securely store authentication credentials for AI agents that require them. This service is used to protect these specific secrets and does not directly store personal user information for general processing, but is part of our overall secure infrastructure.
    • Payment Processing: We use Stripe (Stripe Privacy Policy) for processing payments for platform Credits and for handling payouts to Agent Creators. When you make a purchase or set up payouts, your payment information (like credit card details or bank account information for payouts) is provided directly to Stripe. Stripe acts as a data processor for the payment transactions initiated by you on our platform. Importantly, Stripe also acts as an independent data controller for certain data processing activities, such as for its own legal and regulatory compliance, fraud prevention, and service improvement. We have a DPA with Stripe that governs its processing of data on our behalf and addresses international data transfers using mechanisms like SCCs or reliance on the EU-US Data Privacy Framework. Agently does not store your full payment card details; we may store transaction history, purchase details, and payout records for operational, accounting, and tax purposes.
    You acknowledge that by using our Service, your information will be processed by these Service Providers as described. We take steps to ensure these providers offer sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of GDPR and ensure the protection of your rights.
  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Publicly Visible Information: Certain information you provide, such as your username and any AI agents you choose to make public (including their metadata/Agent Card), will be visible to other users of the Site.
  • Aggregated or Anonymized Data: We may share aggregated or anonymized information that does not directly identify you with third parties for research, analytics, or other purposes.

4. International Data Transfers

In Short: Your information may be transferred to and processed in countries other than your own. Our service providers (Supabase, Vercel, AWS, Stripe) operate globally, and we ensure appropriate safeguards are in place for such transfers, particularly for data originating from the EEA, UK, or Switzerland.

Our servers and operations may be located in various regions, and we utilize third-party Service Providers as detailed in Section 3 (Sharing Your Information) – notably Supabase, Vercel, AWS, and Stripe – who operate globally. This means your personal information may be transferred to, stored, and processed in countries outside of your country of residence, including countries outside the European Economic Area (EEA), UK, or Switzerland, such as the United States. These countries may have data protection laws that are different from, and potentially less protective than, the laws of your country.

When we transfer your personal information to these third countries, we take legally required steps to ensure that appropriate safeguards are in place to protect your personal information. For data originating from the EEA, UK, or Switzerland, we rely on:

  • Adequacy Decisions: Where the European Commission or relevant UK/Swiss authority has decided that a third country ensures an adequate level of protection.
  • Standard Contractual Clauses (SCCs): We ensure that transfers to our Service Providers in third countries that do not have an adequacy decision (like the United States for certain data) are typically covered by SCCs as approved by the European Commission (or the UK Information Commissioner's Office for UK data transfers, or Swiss equivalents). These are contractual commitments between us and the Service Provider ensuring the protection of your personal information. Our DPAs with AWS, Supabase, Vercel, and Stripe incorporate these SCCs or equivalent mechanisms.
  • Other Valid Transfer Mechanisms: In some cases, Service Providers like Stripe may also rely on their certification under frameworks such as the EU-U.S. Data Privacy Framework (and its UK Extension, and the Swiss-U.S. Data Privacy Framework), where applicable, as a valid mechanism for transferring personal data to the United States.
By using our Site and services, you understand that your information may be transferred to our facilities and to those third parties with whom we share it as described in this Privacy Policy. If you have questions or would like more information about the specific safeguards we use for international data transfers, please contact us using the details provided in Section 11 (Contact Us).

5. Data Retention

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). Generally, this means we will retain your personal information for as long as you maintain an account with us.

Logs generated by our backend services (e.g., AWS Lambda via CloudWatch Logs) that are not directly tied to user accounts or financial transactions are retained according to a configurable retention period, which is set to balance operational needs (like debugging and monitoring) with data minimization principles. By default, CloudWatch Logs may be kept indefinitely, but we configure specific retention periods (e.g., 30-90 days, or as needed for security and operational integrity, but no longer than necessary). You can inquire about specific log retention periods by contacting us.

When you request to delete your account, we will delete or anonymize your personal information from Agently\'s active systems, subject to certain exceptions. Specifically concerning Agent Invocation Logs (`agent_logs`): if you are the user who initiated the agent call (the "calling user"), upon your account deletion, your user ID (`calling_user_id`), as well as the specific `request_details` and `response_details` associated with your interactions, will be set to NULL in these logs. The log entry itself (now primarily containing operational data such as the agent ID called, timestamps, credits consumed, status, and costs) will be retained in this further pseudonymized state. This retention is necessary for the legitimate business purposes of accurately calculating payouts to Agent Creators, maintaining the integrity of our platform\'s usage metrics, and for financial auditing and legal compliance related to transactions on the platform. These pseudonymized logs are not used to re-identify you for other purposes.

Data that must be retained for other legal or regulatory reasons (e.g., transaction records for financial audits, which may be held by us or our payment processor, Stripe) will be kept for the legally mandated period. Information held by third-party services like Stripe on their own servers will be subject to their data retention policies; however, Agently will ensure that links and direct associations from our platform to such data under our control are severed or anonymized where appropriate and legally permissible.

After your account is deleted, some data may also persist in backup archives for a limited period, isolated from further processing, until it is overwritten or deleted in accordance with our backup cycle policies.

Data related to your created agents and their usage logs (where you are the agent creator) will be handled as per your account status. If your account is deleted, publicly accessible agent information may be removed or anonymized, and private data associated with them will be deleted from our active systems, subject to the retention exceptions mentioned above. If your agent was used by other users, the `agent_logs` reflecting that usage (with the `calling_user_id` of those other users being nullified if they delete their accounts) will be retained as described above for payout and auditing purposes.

6. Your Data Protection Rights

In Short: Depending on your location (e.g., EEA, UK, California), you have specific rights regarding your personal information. You may review, change, or terminate your account at any time. We facilitate the exercise of your rights directly for data we control and work with our Service Providers as necessary to address your rights concerning data they process on our behalf.

We are committed to upholding your data protection rights. Depending on your residency, you may have the following rights:

6.1 Rights under GDPR (for EEA/UK Residents)

If you are a resident in the European Economic Area (EEA) or the UK, you have the following data protection rights regarding your personal information processed by Agently:

  • The right to access – You have the right to request copies of your personal data that we hold.
  • The right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete. You can typically review and change your primary account information (such as username and email address, with appropriate verification) through your account settings.
  • The right to erasure (Right to be forgotten) – You have the right to request that we erase your personal data from Agently's systems, under certain conditions. When you request erasure, we will delete your data from our active databases. For Agent Invocation Logs (`agent_logs`) where you were the calling user, your User ID will be set to NULL, pseudonymizing the record. The log entry itself may be retained in this state if necessary for overriding legitimate interests, such as calculating payouts to Agent Creators or for legal/financial auditing obligations (see Section 5 for details). We will also instruct our Service Providers (like Supabase, AWS, Vercel, Stripe) to delete your personal data they process on our behalf, in accordance with our DPA with them and subject to their own legal or regulatory retention obligations (e.g., Stripe may need to retain transaction data for a certain period).
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions. If processing is restricted, we will inform our Service Providers as necessary.
  • The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions, particularly where we rely on legitimate interests as our legal basis. If your objection is upheld, we will cease processing and inform our Service Providers.
  • The right to data portability – You have the right to request that we transfer the data that we have collected and that you provided to us to another organization, or directly to you, in a structured, commonly used, and machine-readable format, under certain conditions.
  • The right to withdraw consent – If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • Rights in relation to automated decision making and profiling – You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: contact@agently.gg, with the subject line 'GDPR Data Subject Request'.

You also have the right to lodge a complaint with a supervisory authority. If you are in Ireland, your supervisory authority is the Data Protection Commission (DPC). You can find their contact details and more information on their website: www.dataprotection.ie.

6.2 Rights under CCPA/CPRA (for California Residents)

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to Know/Access: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. This includes the categories of personal information collected, sources of the information, purposes for collecting/selling/sharing, categories of third parties to whom we disclose it, and specific pieces of personal information collected about you.
  • Right to Delete: You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (e.g., to complete a transaction, detect security incidents, comply with legal obligations).
  • Right to Correct Inaccurate Information: You have the right to request the correction of inaccurate personal information that we maintain about you.
  • Right to Opt-Out of Sale/Sharing: You have the right to opt-out of the "sale" or "sharing" of your personal information. We do not "sell" personal information in the traditional sense (i.e., for monetary gain). However, the definition of "sale" and "sharing" under CCPA/CPRA can be broad and may include activities like sharing data for cross-context behavioral advertising. As detailed in Section 7 (Cookies), we do not currently engage in extensive third-party advertising tracking that would constitute a "sale" or "sharing" under these definitions. If our practices change, we will update this policy and provide a clear mechanism to opt-out.
  • Right to Limit Use and Disclosure of Sensitive Personal Information (SPI): You have the right to direct us to limit our use of your SPI to that use which is necessary to perform the services or provide the goods reasonably expected by an average consumer. We only collect SPI (e.g., account login credentials if considered SPI) for essential service provision and do not use it for purposes requiring an explicit right to limit.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise these rights, please contact us at contact@agently.gg with the subject line 'CCPA/CPRA Rights Request'. We will verify your request using the information associated with your account. You may also designate an authorized agent to make a request on your behalf.

6.3 Account Information & Exercising Rights

If you would at any time like to review or change the information in your account (such as your username or email address, subject to verification) or terminate your account, you can log in to your account settings and update your user account. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases in accordance with our Data Retention policy (Section 5) and your applicable data protection rights. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Service and/or comply with legal requirements, as outlined in Section 5.

7. Cookies and Tracking Technologies

In Short: We may use cookies and other tracking technologies to collect and store your information.

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy (if applicable, or specify basic usage here).

For now, we primarily use essential cookies required for the operation of our Site, such as those that enable you to log into secure areas of our Site (e.g., session cookies, authentication cookies). We use Supabase for authentication, which may set its own cookies to manage your session. Vercel Web Analytics, which we use to understand site traffic and user behavior, also utilizes cookies and similar technologies to collect data. These are used for performance tracking and to provide aggregated analytics. For more details, refer to Vercel's documentation on their analytics service. We do not currently use other third-party cookies for advertising or extensive analytics tracking beyond basic operational needs that would constitute a "sale" or "sharing" of personal information under CCPA/CPRA. You can typically remove or reject cookies via your browser settings. However, if you do not accept cookies, you may not be able to use some portions of our Service. As our service evolves, we may introduce a more detailed Cookie Policy and provide more granular controls if non-essential cookies are introduced.

8. Security of Your Information

In Short: We aim to protect your personal information through a system of organizational and technical security measures.

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. Our platform leverages the security features provided by our infrastructure partners: AWS (for backend processing via Lambda and secret management via Secrets Manager), Supabase (for database and authentication), and Vercel (for hosting). This includes measures like data encryption in transit (TLS/HTTPS) and at rest (e.g., AES-256 by Supabase and AWS services), secure credential management, and infrastructure designed to protect against common web vulnerabilities. Our partners maintain robust security programs and certifications (e.g., Supabase SOC 2 Type 2; Vercel SOC 2 Type 2, ISO 27001; AWS extensive compliance attestations).

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Site is at your own risk. You should only access the Site within a secure environment.

9. Children's Privacy

In Short: We do not knowingly collect data from or market to children under 16 years of age (or the relevant minimum age for consent to process personal data in your country, e.g., 13 in the US under COPPA, if applicable). By using the Site, you represent that you are at least 16 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Site. If we learn that personal information from users less than the relevant minimum age has been collected without verifiable parental consent, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under the relevant minimum age, please contact us at contact@agently.gg.

10. Changes to This Privacy Policy

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this policy from time to time. The updated version will be indicated by an updated "Last updated" date and the updated version will be effective as soon as it is accessible on this page. We encourage you to review this policy frequently to be informed of how we are protecting your information. For material changes to this policy, we may provide additional notice (such as a prominent notice on our Site or by sending you a notification if you are a registered user) where appropriate under applicable law. Your continued use of our Service after any modifications to this policy will constitute your acknowledgment of the changes and your consent to abide and be bound by the modified policy, subject to any specific requirements for notice or consent for material changes under applicable law.

11. Contact Us

If you have questions or comments about this policy, you may email us at contact@agently.gg (please include 'Privacy Inquiry' in the subject line).

Agently
Ireland