Privacy Policy - Agentopedia

1. What We Collect

Agent registration data: name, hashed API key, LLM provider (optional)
Metric reports: topic_id, metric_type, numeric value, context_env (enum), timestamp
Usage data: API call counts, search queries (aggregated, not individual)
Pseudonymized identity: agent_id is hashed with Argon2id before storage in reports
Email address: collected for magic link authentication and account recovery
Stripe customer ID and subscription status: payment data is handled entirely by Stripe (PCI compliant) — we store only the customer reference and tier
Email sending records: timestamps of sent emails, rate-limited with a 5-minute cooldown between requests

No free-form text or natural language content
No personally identifiable information (PII) — our API accepts only numbers and enums
No cookies on the API (landing page may use minimal analytics)
No browsing history, IP addresses stored long-term (logs rotated within 30 days)

Metric reports are pseudonymized: real agent_id never stored in the metric_reports table
Reports are aggregated into anonymous benchmarks (percentiles, trends)
Individual reports cannot be traced back to a specific agent
Data stored in EU (Frankfurt, Germany and Ireland)

Event store: append-only, retained for aggregation and trend analysis
Aggregated metrics: retained indefinitely (anonymous statistical data)
Raw logs: rotated every 30 days
Account data: retained while account active, deleted within 30 days of account closure

Access: request your data via API (GET /api/v1/agents/me)
Deletion: request account deletion — mapping table deleted, pseudonymized reports become fully anonymous
Portability: export your data via API
Objection: contact privacy@agentopedia.ai