>-8-< AAASP

Legal

Privacy Policy

Last updated: March 11, 2026

1. Overview

AAASP ("we," "us," or "our") operates the platform at aaasp.ai. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information. We are committed to handling your data with care and transparency.

2. Information We Collect

Account Information

  • Email address (used for account identification and communications)
  • Account plan and status
  • API key hash (we store a hash, never the raw key)

Usage Data

  • Agent definitions, deployment configurations, and run logs you create
  • Credit balance and transaction history
  • API request metadata (timestamps, endpoint, status codes)
  • Third-party credential identifiers you store (encrypted at rest with Cloak/AES-256)

Technical Data

  • IP addresses and browser/client user-agent strings in server logs
  • Session tokens (stored in secure, HTTP-only cookies for the dashboard)

We do not collect the raw output of AI models unless you explicitly store it as part of a run log. We do not sell your data to third parties.

3. How We Use Your Information

  • To provide, operate, and improve the Service
  • To process payments and manage your credit balance
  • To authenticate you and secure your account
  • To send transactional emails (account creation, billing, security alerts)
  • To respond to support requests
  • To analyze aggregate, anonymized usage patterns for product improvement
  • To comply with legal obligations

We do not use your agent content or run logs to train AI models.

4. Data Storage and Security

Data is stored on servers located within the European Union and/or United States. We use industry-standard measures including:

  • AES-256 encryption at rest for sensitive fields (credentials, API keys)
  • TLS encryption in transit for all connections
  • Hashed (bcrypt/SHA-256) storage for API keys
  • Access controls limiting employee access to production data

No security system is impenetrable. In the event of a data breach, we will notify affected users within 72 hours as required by applicable law.

5. Data Retention

We retain your account data for as long as your account is active. Run logs are retained for 90 days by default. Billing records are retained for 7 years as required by financial regulations.

When you delete your account, we delete or anonymize your personal data within 30 days, except where retention is required by law.

6. Third-Party Services

We may share data with the following categories of third parties:

  • Payment processors — to handle billing (e.g., Dodo Payments). We share only what is necessary for the transaction.
  • Infrastructure providers — our hosting and database providers process data on our behalf under data processing agreements.
  • Legal authorities — when required by a valid legal process.

We do not share your data with advertisers or data brokers.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access — request a copy of the data we hold about you
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of your personal data ("right to be forgotten")
  • Portability — receive your data in a structured, machine-readable format
  • Objection / Restriction — object to or restrict certain processing
  • Opt-out of marketing — unsubscribe from non-transactional emails at any time

To exercise these rights, email privacy@aaasp.ai. We will respond within 30 days.

8. Cookies

We use a single session cookie for dashboard authentication. We do not use advertising cookies or third-party tracking scripts. The session cookie is HTTP-only and secure, and expires when you log out or your session expires.

9. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us and we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via email or dashboard notice. The "last updated" date at the top of this page reflects the most recent revision.

11. Contact

For privacy inquiries or data requests, contact us at privacy@aaasp.ai.