Privacy Policy

This Privacy Policy explains how AgentFoundry (“we”, “us”,“our”) collects, uses, and discloses information when you use the AgentFoundry software platform and the agentfoundry.co website (the “Service”). It applies to agents, agency administrators, and anyone else who creates an AgentFoundry account. It also explains how end-client information that licensed agents capture inside the Service is handled.

Account information. When you create an account we collect your name, email address, phone number (optional), password (hashed), profile photo (optional), and the agency or tenant you belong to. If you sign in with Google, we receive your name, email, and profile picture from Google.

Content you provide. Anything you upload to or create in the Service, including business-card details, client records, notes, tasks, policies, photos, videos, intake-form submissions, scripts, templates, and messages between team members or between you and a client.

End-client information. When you use the Service to manage prospects or clients, you may enter their names, contact details, family information, financial needs-analysis responses, policy details, and consent records. See Section 4 for how we treat this information.

Audio and transcripts. If you enable the live call AI or recording features, the Service captures audio and generates text transcripts, structured notes, and policy-fit summaries. These outputs are stored in your tenant workspace.

Usage and device data. We collect server logs, request timestamps, IP addresses, approximate location derived from IP, browser type and version, operating system, referring URL, and pages viewed. This data is used for security, debugging, and product improvement.

Cookies and local storage. We use strictly necessary cookies for authentication and session management, plus a small amount of local storage to remember your preferences (for example, which tab you last visited). We do not use advertising cookies or third-party tracking beacons.

• To provide, operate, and maintain the Service;
• To authenticate you, secure your account, and protect against fraud or abuse;
• To generate AI summaries, transcripts, and suggestions when you invoke those features;
• To send transactional email (sign-up confirmations, password resets, invitations, billing receipts);
• To respond to support requests and communicate about changes to the Service;
• To analyze aggregate usage patterns and improve the Service — we do not use your individual content or Your Content to train general-purpose AI models;
• To comply with law and enforce our Terms of Service.

Licensed agents and agencies that use the Service to manage prospects, clients, and policies act as the data controller for that end-client information. AgentFoundry acts as a data processor, storing and processing end-client information on the agent's or agency's behalf and under their instructions.

End clients with questions about how their data is used, or who want to exercise rights over their data, should contact the agent or agency they work with directly. We will cooperate with agent-directed requests to access, correct, or delete end-client information, subject to applicable legal or regulatory retention requirements.

When you use AI features (transcription, live notes, policy-fit ranking, follow-up drafting), relevant content from the Service is sent to third-party AI providers — currently Anthropic (language models) and Deepgram (speech-to-text) — for processing. We select providers that contractually agree not to retain your content beyond the period necessary to serve the request, and not to use it to train their models.

AI Output is probabilistic and may contain errors. We clearly label AI-assisted features within the Service so you can review and verify any output before acting on it. See our Terms of Service for additional limitations on AI Output.

We share information with the following categories of recipients, and only as needed:

• Within your tenant. Other users of the same agency or tenant may see information based on their role. Our role model (super admin, company admin, org leader, agent) is described in the Service and enforced at the database level.
• Subprocessors. We use vetted third-party service providers to deliver the Service: Supabase (database + auth), Cloudflare (edge hosting + DNS), Resend (transactional email), Anthropic (AI models), Deepgram (transcription), Google (OAuth sign-in, optional Calendar/Meet integrations), Twilio (SMS, when you opt in), and Stripe (billing, when paid plans launch). Subprocessors are contractually bound to protect your information and to use it only to provide the services we have engaged them for.
• Legal and safety. We may disclose information where we reasonably believe it is necessary to comply with a legal obligation, enforce our Terms, protect the rights and safety of AgentFoundry or its users, or respond to a valid legal process.
• Business transfers. If AgentFoundry is acquired or merged, information may be transferred as part of that transaction; the acquirer will be bound by a privacy policy no less protective than this one.

We do not sell your information and we do not share it for third-party advertising or behavioral profiling.

We use industry-standard safeguards including TLS in transit, encryption at rest for databases and object storage, tenant isolation enforced via Postgres row-level security, least-privilege access for our staff, and regular backups. No system is perfectly secure, and we cannot guarantee the security of information transmitted to the Service; we will notify affected users of a qualifying security incident as required by law.

We retain account and content information for as long as your account is active and for a reasonable period afterward for backup, audit, and dispute-resolution purposes. You may request deletion of your account at any time (see Section 9). Certain data may be retained for longer where required by law, regulation, or active legal process.

Depending on where you live, you may have the right to:

• Access, correct, or delete the personal information we hold about you;
• Port your information to another service;
• Restrict or object to certain processing, including withdrawing consent where processing is based on consent;
• Not be subject to discrimination for exercising these rights.

To exercise these rights, email us at privacy@agentfoundry.co. We may need to verify your identity before acting on a request.

The Service is not intended for and is not directed to children under 18, and we do not knowingly collect personal information from them. If we learn that we have collected personal information from a child under 18, we will delete it.

California residents have the right to (a) know what categories of personal information we collect and the purposes for which we use it; (b) request access to and deletion of their personal information; (c) correct inaccurate information; (d) limit the use and disclosure of sensitive personal information; and (e) opt out of the “sale” or “sharing” of personal information. As noted above, we do not sell or share personal information as those terms are defined under California law.

AgentFoundry is operated from the United States. If you access the Service from outside the United States, you understand that your information will be transferred to, stored, and processed in the United States, which may have different data-protection laws than your country. Where required, we rely on standard contractual clauses or similar safeguards for international transfers.

We may update this Privacy Policy from time to time. When we make a material change, we will update the “Last updated” date above and, where required by law or reasonably practicable, provide notice through the Service or by email.

Questions, requests, or concerns about this Privacy Policy may be sent to privacy@agentfoundry.co.