Privacy Policy

Last updated: March 1, 2026

AgentGen ("we," "our," or "us") operates the AgentGen API and website at agent-gen.com. This Privacy Policy describes how we collect, use, and protect your information when you use our services.

Information We Collect

Account information: When you sign up, we collect your email address and, if you use Google login, your Google profile name and picture.

Payment information: Payments are processed by Stripe. We do not store your credit card details. We store only your token balance and purchase history.

API usage: We log API requests including timestamp, endpoint, token cost, and the IP address of the caller. We do not persistently store the HTML content you submit for rendering.

Generated files: Images and PDFs generated by the API are stored on Cloudflare R2 and served via CDN. Temp uploads expire after 24 hours. Generated output files may be retained for up to 30 days before automatic deletion.

How We Use Your Information

  • To provide and improve the AgentGen service
  • To process payments and manage token balances
  • To send transactional emails (purchase receipts, API key notifications)
  • To detect fraud and abuse
  • To comply with legal obligations

Data Sharing

We do not sell your personal data. We share data only with:

  • Stripe — for payment processing
  • Supabase — for authentication and database hosting
  • Cloudflare — for file storage and CDN delivery
  • Google Cloud — for worker infrastructure

All third-party providers are bound by data processing agreements and applicable privacy law.

Data Retention

Account data is retained until you delete your account. Generated files are deleted after 30 days. Usage logs are retained for 90 days for billing verification purposes.

Your Rights

You may request access to, correction of, or deletion of your personal data at any time by emailing [email protected]. We will respond within 30 days.

Security

API keys are stored as SHA-256 hashes. All data is transmitted over TLS. We apply least-privilege access controls across our infrastructure.

Cookies

We use session cookies for authentication (via Supabase) and no third-party tracking cookies.

Children

The AgentGen service is not directed at children under 13. We do not knowingly collect data from minors.

Changes

We may update this policy periodically. Material changes will be communicated via email or a notice on the dashboard. Continued use after changes constitutes acceptance.

Contact

Questions about this policy? Email us at [email protected].