Privacy Policy

1. Information We Collect

We collect the following categories of information when you use the Agent Readiness Platform:

• Account information: Your email address, name, and optionally your company name, provided when you sign up.
• Payment information: Payment card details are collected and processed by Stripe. We do not store your full card number, CVC, or expiration date. We receive a Stripe customer ID and transaction records.
• Evaluation data: The vendor URLs, evaluation configurations, agent traces, scores, and reports generated when you run evaluations.
• Usage data: Pages visited, features used, evaluation frequency, and other interaction data collected through Google Analytics.
• Technical data: IP address, browser type, operating system, and device information, collected automatically when you access the Service.

2. How We Use Your Information

We use the information we collect to:

• Provide the Service: Run evaluations, generate reports, manage your account, and process payments.
• Send transactional emails: Account confirmations, password resets, evaluation completion notifications, and payment receipts.
• Improve the product: Analyze usage patterns, fix bugs, and develop new features. We use anonymized, aggregated data for this purpose.
• Maintain security: Detect and prevent fraud, abuse, and unauthorized access.
• Comply with legal obligations: Respond to lawful requests from government authorities.

3. What We Do NOT Do

We are committed to responsible data practices. We do not:

• Sell your personal information to third parties.
• Share your data with third parties for their marketing purposes.
• Use your evaluation data to train AI models.
• Store credentials, API keys, or passwords for any third-party service.
• Access authenticated or protected areas of any vendor website during evaluations.

4. Third-Party Services

We use the following third-party services to operate the platform. Each processes data according to their own privacy policies:

• Stripe (stripe.com/privacy) — Payment processing. Stripe receives your payment card details, billing address, and transaction information.
• OpenAI (openai.com/privacy) — LLM provider for agent simulations. Receives publicly accessible vendor information (not your personal data). API data is not used for model training.
• Anthropic (anthropic.com/policies) — LLM provider for agent simulations. Same data handling as OpenAI above.
• Google AI (ai.google.dev/terms) — LLM provider for agent simulations and judge scoring. Same data handling as above.
• Heroku (Salesforce) — Application hosting and database infrastructure. All data is processed within Heroku's SOC 2 certified environment.
• Resend (resend.com/privacy) — Transactional email delivery for password resets, account notifications, and feedback confirmations.
• Google Analytics (policies.google.com/privacy) — Website analytics. Collects anonymized usage data including pages visited, session duration, and referral sources.

5. Data Retention

• Account data: Retained for as long as your account is active. Upon account deletion, personal data is removed within 30 days.
• Evaluation data: Retained for 90 days by default after evaluation completion. Enterprise customers may configure custom retention periods.
• Payment records: Transaction records are retained for 7 years as required for tax and legal compliance.
• Analytics data: Google Analytics data is retained according to Google's data retention settings (currently 14 months).

6. Cookies

The Agent Readiness Platform uses a minimal set of cookies:

• Functional cookies: We use localStorage (not cookies) to maintain your authentication session. This is essential for the Service to function.
• Analytics cookies: Google Analytics sets cookies to distinguish unique visitors and track session information. These help us understand how the Service is used.

We do not use advertising cookies, tracking pixels, or third-party marketing cookies.

7. Your Rights

You have the following rights regarding your personal information:

• Access: You can request a copy of all personal data we hold about you.
• Correction: You can update your account information at any time through the account settings page.
• Deletion: You can request deletion of your account and associated data by emailing support@agentreadiness.net.
• Export: You can request an export of your evaluation data in a machine-readable format.
• Objection: You can object to processing of your data for analytics purposes.

To exercise any of these rights, contact us at support@agentreadiness.net. We will respond within 30 days.

8. Security

We take reasonable measures to protect your personal information:

• All data in transit is encrypted via TLS 1.3 (HTTPS).
• Data at rest is encrypted using AES-256 in our PostgreSQL database.
• Passwords are hashed using bcrypt with per-user salts.
• We do not store payment card details, API keys, or third-party credentials.
• Access to production systems is restricted to authorized personnel only.

For more details, see our Trust & Security page.

9. Children

The Agent Readiness Platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via the email address associated with your account at least 14 days before the changes take effect. The "Effective Date" at the top of this page indicates when this policy was last revised.

11. Contact

If you have any questions about this Privacy Policy or our data practices, please contact us at:

support@agentreadiness.net