Privacy Policy

AgentID is an agent identity management platform. We operate the service at agentid.live and provide tools for creating, deploying, and monitoring AI agent identities. For the purposes of applicable data protection law, AgentID acts as the data controller for personal data collected through the platform.

Questions or requests relating to your personal data may be directed to: privacy@agentid.live

We collect the minimum data necessary to operate the service:

We explicitly do not collect:

• Payment or financial information (the platform does not currently process payments)
• Government-issued identification numbers
• Biometric data of any kind
• The contents of your conversations with AI agents or third-party platforms
• Location data beyond IP-level geolocation included in standard server logs
• Any data from connected AI platforms (Claude, Cursor, Codex, etc.). Those platforms have their own privacy policies

We use the data we collect exclusively to provide and improve the service:

• \\1: authenticating your session, serving your persona data, storing memory entries, and displaying Studio activity.
• \\1: sending transactional emails (account verification, password reset). We do not send marketing emails without your explicit opt-in.
• \\1: detecting abuse, preventing unauthorised access, and investigating potential violations of our Terms of Service.
• \\1: understanding which features are used and where users encounter friction, using anonymised aggregate data only.

We do not use your data for advertising, profiling, or any automated decision-making that has legal or significant effects on you.

Several features of AgentID use Google Gemini (via the Google Generative AI API) to process your content. This includes persona generation from uploaded documents and memory extraction from uploaded files.

When you use these features, the content you submit (the text of the document) is transmitted to Google's API for processing. This transmission is covered by Google's API Terms of Service and Privacy Policy. We recommend you do not submit sensitive personal data through these features.

We do not store the raw API responses beyond the session in which they are used. Structured output (the parsed persona or memory entries) is stored only if you explicitly save it.

We do not sell, rent, or trade your personal data. We share data with third parties only in the following limited circumstances:

All data transmitted between your browser and agentid.live is encrypted using TLS (HTTPS). Passwords are hashed using a one-way cryptographic function and are never stored in plaintext.

Agent memory entries and persona data are stored in a database accessible only to authenticated users and to your own connected agents via your MCP secret key. MCP secret keys are unique per agent and are displayed only once at creation.

Despite these measures, no system is completely secure. We cannot guarantee the absolute security of your data and encourage you to use a strong, unique password and to protect your MCP secret keys.

We retain your data for as long as your account is active. Specifically:

• \\1: retained until you delete your account.
• \\1: retained until you delete the specific identity, memory entry, or your entire account.
• \\1: retained for 90 days from the date of the event, after which they are automatically purged.
• \\1: retained for up to 30 days for security purposes.

When you delete your account, all associated personal data is permanently removed from our active systems within 30 days. Anonymised aggregate statistics derived from your usage may be retained indefinitely.

AgentID uses a minimal number of cookies:

We do not use advertising cookies, tracking pixels, or third-party behavioural tracking of any kind.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• \\1: request a copy of the personal data we hold about you.
• \\1: request correction of inaccurate or incomplete data.
• \\1: request deletion of your personal data. You can delete your account directly from the profile settings page.
• \\1: request an export of your identity and memory data in a structured format.
• \\1: request that we limit the processing of your data in certain circumstances.
• \\1: object to processing based on legitimate interests.

To exercise any of these rights, email privacy@agentid.live. We will respond within 30 days. Identity verification may be required before processing certain requests.

AgentID is not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal information, please contact us at privacy@agentid.live and we will delete it promptly.

If you access AgentID from outside the European Economic Area (EEA), your data may be processed in a country that does not have the same level of data protection as your home country. In such cases, we rely on appropriate safeguards, such as standard contractual clauses approved by the European Commission, to ensure your data is protected to an equivalent standard.

Processing via the Google Generative AI API involves data transfer to Google's infrastructure, which may be located in the United States or other jurisdictions. Google's data processing terms provide appropriate safeguards for such transfers.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by applicable law. Where the breach poses a high risk to you personally, we will also notify you directly without undue delay.

Notifications will describe the nature of the breach, the categories of data affected, the likely consequences, and the measures we are taking to address it.

We may update this Privacy Policy from time to time. If we make material changes, particularly changes that affect how we use your data; we will notify registered users by email and display a notice on the platform. The “Last updated” date at the top of this page will always reflect the current version.

Continued use of the platform after any change constitutes acceptance of the updated policy. If you disagree with any change, you may delete your account before the change takes effect.

For any privacy-related questions, data requests, or concerns, please contact our privacy team: