Privacy Policy

1. Information We Collect

Information You Provide Directly

We collect information you provide when using our services:

• Account Information: Name, email address, company name, job title, phone number
• Payment Information: Billing address, payment method details (processed securely through Stripe)
• AI Agent Configuration: Training data, conversation flows, integration settings
• Communications: Support requests, feedback, and correspondence with our team
• Business Data: Customer interactions, conversation logs, performance metrics

Information Collected Automatically

When you use our platform, we automatically collect:

• Usage Analytics: Page views, feature usage, session duration, click patterns
• Technical Information: IP address, browser type, device information, operating system
• Performance Data: AI agent response times, error logs, system performance metrics
• Cookies and Tracking: Essential cookies for functionality, analytics cookies (with consent)

2. How We Use Your Information

Service Provision

• Deploy and manage your AI agents
• Process customer interactions through your agents
• Provide technical support and troubleshooting
• Maintain platform security and performance
• Process payments and manage billing

Service Improvement

• Analyze usage patterns to improve features
• Optimize AI agent performance and accuracy
• Develop new features and capabilities
• Conduct research and development

Communication

• Send service updates and security notifications
• Provide customer support responses
• Share product announcements (with consent)
• Deliver educational content and best practices

Legal Compliance

• Comply with applicable laws and regulations
• Respond to legal requests and court orders
• Protect against fraud and security threats
• Enforce our Terms of Service

3. Data Security & Protection

Security Measures

We implement enterprise-grade security controls:

• Encryption: AES-256 encryption at rest, TLS 1.3 in transit
• Access Controls: Multi-factor authentication, role-based permissions
• Infrastructure: SOC 2 Type II certified cloud providers
• Monitoring: 24/7 security monitoring and incident response
• Auditing: Regular security assessments and penetration testing

Compliance Certifications

• SOC 2 Type II: Annual audits of security controls
• ISO 27001: Information security management standards
• GDPR: EU data protection regulation compliance
• CCPA/CPRA: California privacy law compliance
• HIPAA: Healthcare data protection framework (when applicable)

Data Retention

We retain your information only as long as necessary to provide services, comply with legal obligations, or fulfill the purposes outlined in this policy. You may request deletion of your data at any time.

4. Data Sharing & Third Parties

We May Share Data With

• Service Providers: Cloud hosting, analytics, payment processors, customer support tools
• Integration Partners: When you connect Agentra to third-party services
• Professional Advisors: Attorneys, auditors, and consultants as needed
• Legal Authorities: When required by law or to protect our rights

Third-Party Data Processors

All third-party processors we use are bound by data processing agreements that require them to:

• Process data only according to our instructions
• Implement appropriate security measures
• Notify us of any data breaches
• Assist with data subject rights requests
• Delete or return data when our relationship ends

No Sale of Personal Information

We do not sell your personal information to third parties. We only share data as described in this policy and with partners necessary to provide our services.

5. Your Rights & Choices

Your Data Rights

Depending on your location, you may have the right to:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests

Managing Your Preferences

You can control your data and communications:

• Update account information in your profile settings
• Manage cookie preferences via our cookie consent banner
• Unsubscribe from marketing emails using the link in each message
• Contact us directly for complex data requests

Response Timeline

We will respond to data rights requests within 30 days. In complex cases, we may extend this period by an additional 60 days, but we'll notify you of any delays and the reasons for them.

6. International Data Transfers

Agentra operates globally, which means your data may be processed in countries other than where you reside. When we transfer personal data outside the EU/EEA or UK, we ensure adequate protection through:

• EU Standard Contractual Clauses (SCCs)
• UK International Data Transfer Agreement (IDTA)
• Privacy Shield certification for US transfers (when applicable)
• Selection of processors in countries with adequate protection determinations

You may request a copy of the safeguards we use for international transfers by contacting our privacy team.

7. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children. If we discover we have collected information from a child without parental consent, we will promptly delete that information. If you believe we may have collected information from a child, please contact us immediately.

8. Changes to this Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will post the updated policy on our website with a revised "Last updated" date. For significant changes, we will provide notice through our website or by email.

9. Contact Us

If you have questions about this Privacy Policy or to exercise your rights, contact our Data Protection Officer:

EU/EEA Representatives:
Email: gdpr@agentra.io

You may also visit our contact page for additional ways to reach us.