Privacy Policy

Last Updated: April 12, 2026 (Beta Release)

INDUSTRIAL-GRADE PRIVACY

This policy explains what data Agentiff.AI collects, how we use it, and how users can control connected accounts and workflow data.

1. INFORMATION WE COLLECT

1.1 Direct Information

  • Account Data: Email and encrypted credentials (SCRAM-SHA-256).
  • Workflow Context: Data snippets required for human-in-the-loop approval decisions.
  • Payment Data: Handled exclusively by Stripe (PCI-DSS compliant).

1.2 AI & Execution Metadata

To provide deterministic AI orchestration, we log:

  • LLM Decision Paths: Model used, token consumption, and reasoning context.
  • Tool Call History: Which internal tools were triggered by an agent.
  • Approval Records: Timestamps and identities of human approvers.

1.3 System Observability & Diagnostics

To maintain platform stability and debug workflow failures, we collect system telemetry and server logs via self-hosted observability tools (Grafana and Loki). These logs are stored on our private infrastructure, are never shared with third-party logging vendors, and are automatically purged after 90 days.

2. DATA PROTECTION & SOVEREIGNTY

2.1 Local-First Security

For n8n-hosted workflows, your n8n API keys and third-party credentials are stored locally on your device via the Agentiff.AI application. These secrets are used to provision your host directly and are not transmitted to or stored on Agentiff.AI's central servers.

2.2 Credential Isolation

Your integration credentials (Google, Slack, etc.) are encrypted at rest in our vault using AES-256-GCM and decrypted only at sync time when provisioning your n8n instance. Credentials are never stored in workflow execution history or exposed to AI agents.

2.3 Infrastructure Security

  • Network Security: Application traffic is protected in transit using TLS and other network-layer safeguards that may change as our infrastructure evolves.
  • PII Protection: Automated pattern-based PII scanning is active for all AI inputs. No customer PII is stored in long-term vector memory.
  • Local Encryption: Secrets on your device are protected by AES-256-GCM encryption using a device-derived key.

3. DATA RETENTION

  • Approval Context: Deleted within 24 hours of decision.
  • Diagnostic & Audit Logs: Retained for up to 90 days for security, troubleshooting, and operational monitoring.
  • Backups: Encrypted offsite backups are maintained for 7 days.

4. THIRD-PARTY DATA HANDLING

  • OpenAI/Anthropic: Context is sent for real-time processing only. We opt out of training on your data via API enterprise controls.
  • Infrastructure: Data is processed across a hybrid-cloud environment utilising DigitalOcean and Hetzner bare-metal servers. SSL/TLS encryption is enforced for all data in transit.

5. GOOGLE API SERVICES USER DATA

Agentiff.AI's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5.1 What Google User Data We Access

If you choose to connect a Google account, Agentiff.AI only requests the Google user data needed for the workflow feature you explicitly enable. For Gmail-based workflows, this currently includes read-only access to:

  • https://www.googleapis.com/auth/gmail.readonly — to read Gmail message content and metadata required by the workflow.
  • https://www.googleapis.com/auth/gmail.labels — to read Gmail labels used to filter, categorise, or scope the requested workflow.

If you use Google Sign-In for authentication, we may also receive your basic Google account information such as your name, email address, and Google account ID to create or authenticate your account.

We do not request permission to send, modify, delete, or permanently manage your Gmail messages or mailbox settings unless a separate Google scope is clearly presented and approved by you for a specific feature.

5.2 How We Use Google User Data

We use Google user data only to provide and improve the user-facing feature you requested, such as reading Gmail messages to summarize, classify, or extract information inside a workflow you intentionally run. We do not use Google user data for advertising, marketing profiling, sale to third parties, or any unrelated purpose.

Google user data is not used to train generalized AI or machine learning models. We do not allow humans to read your Google user data except when necessary to provide support, investigate abuse, comply with applicable law, or with your explicit consent.

5.3 Storage, Retention, and Security

Agentiff.AI stores Google OAuth tokens only as needed to maintain your authorized connection. Gmail message content accessed through Google APIs is processed only for the requested workflow run and is not stored as a permanent copy on Agentiff.AI servers unless you explicitly configure a workflow destination that saves the result under your control.

Any retained Google-connected credentials are encrypted at rest and protected by our access controls. Workflow content and diagnostic data are retained only as described in the retention section of this policy.

5.4 Sharing and Disclosure

We do not sell Google user data. We do not share Google user data with third parties except:

  • to provide the feature you requested within your configured workflow,
  • to service providers acting on our behalf under confidentiality obligations,
  • for security, fraud prevention, or legal compliance, or
  • with your explicit direction or consent.

5.5 Revoking Access and Deletion

You can revoke Agentiff.AI's access to your Google account at any time via your Google Account permissions page. You can also disconnect the Google integration from within Agentiff.AI. Once access is revoked, Agentiff.AI will no longer be able to access new Google user data from that account. You may also request deletion of stored Google-connected account data by contacting us at [email protected].

Questions? Contact our Data Protection Officer at [email protected].