Privacy Policy

Last updated: February 2026

1. Information We Collect

When you use RunAgent, we collect:

  • Account data: Name, email address, and profile picture via Google OAuth.
  • Payment data: Processed by Polar (card payments) or verified on-chain (crypto). We do not store your full card details.
  • Deployment configuration: Selected AI model, platform, and plan preferences.
  • User-provided API keys: Optional OpenRouter keys provided for "Bring Your Own Key" deployments are stored in our Secure Encrypted Vault to enable your agent's operation.
  • Usage data: AI token usage, credit consumption, and server metrics for billing purposes.
  • Technical data: IP address, browser type, and session information for security and analytics.

2. Managed Security & Encrypted Vault

To provide features like One-Click Recovery and Managed Updates, RunAgent securely stores your platform credentials (e.g., Telegram bot tokens) and server access keys.

  • Encryption: All sensitive keys are encrypted at rest using AES-256-GCM.
  • Access Control: Keys are strictly isolated and only decrypted programmatically when performing deployment actions you initiate.
  • No Human Access: Our support team cannot view your raw credentials. They are processed only by our automated deployment systems.
  • Ownership: You retain full ownership of your keys and can rotate or delete them at any time by deleting your deployment.

3. How We Use Your Information

  • Provision and manage your dedicated servers
  • Process payments and manage subscriptions
  • Track AI credit usage for billing
  • Send transactional emails (deployment status, billing alerts)
  • Improve the Service and fix issues

4. Information Sharing

We share data only with:

  • Hetzner: Cloud infrastructure provider for server provisioning
  • Polar: Payment processing for card/PayPal transactions
  • OpenRouter: AI model routing (only API requests, no personal data)
  • Law enforcement: Only when required by law

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

5. Data Security

  • All data in transit is encrypted via TLS
  • Database access is restricted and authenticated
  • Each customer gets a dedicated, isolated server
  • Servers are hardened with firewalls and automatic security updates
  • We follow the principle of least privilege for all system access

While we implement industry best practices, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Data Retention

  • Account data: Retained while your account is active. Deleted within 30 days of account closure.
  • Server data: Deleted when you terminate a deployment or cancel your subscription.
  • Payment records: Retained for 7 years as required by financial regulations.
  • Usage logs: Retained for 90 days for billing reconciliation, then aggregated and anonymized.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Export your data in a machine-readable format

To exercise these rights, contact us at support@runagent.net.

8. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising or tracking cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of the Service after changes constitutes acceptance.

10. Contact

For privacy-related questions, contact us at support@runagent.net.