Privacy Policy

Last updated: July 1, 2026

1. Information We Collect

Account information: Name, email address, company name, and billing details when you register or purchase credits.

Usage data: Platform interactions, API calls, agent executions, feature usage, and performance metrics.

Customer data: Documents, code, schemas, and business data you upload or connect to the Platform for processing by AI agents.

Technical data: IP address, browser type, device information, and log data collected automatically.

2. How We Use Your Information

We use your information to: (a) provide and improve the Platform; (b) process billing and transactions; (c) communicate about your account and service updates; (d) ensure security and prevent fraud; (e) comply with legal obligations.

We do not use your customer data to train AI models. Your business data is processed solely to deliver Platform services.

3. Data Storage and Security

Data is encrypted at rest (AES-256) and in transit (TLS 1.3). Customer data in data-plane deployments remains within your chosen infrastructure (AWS, GCP, or Azure). Control-plane data is hosted in SOC 2 Type II certified facilities.

We implement access controls, audit logging, MFA enforcement, and quarterly access reviews.

4. Data Sharing

We do not sell your personal information. We share data only with: (a) service providers who assist in operating the Platform (Stripe for billing, cloud infrastructure providers); (b) as required by law or legal process; (c) with your explicit consent.

5. Data Retention

Account data is retained while your account is active and for 30 days after termination. Customer data is deletable on request. Billing records are retained as required by tax and financial regulations. Anonymized usage analytics may be retained indefinitely.

6. Your Rights

Depending on your jurisdiction, you may have the right to: access your data, correct inaccuracies, delete your data, port your data, object to processing, and withdraw consent. To exercise these rights, contact privacy@vouchstone.ai.

7. Cookies

We use essential cookies for authentication and session management. We use analytics cookies to understand Platform usage. You can control cookie preferences through your browser settings.

Essential cookies: Authentication tokens, session identifiers, CSRF protection. These are required for the Platform to function.

Analytics cookies: Anonymized usage patterns to improve the Platform. These can be disabled without affecting functionality.

8. CCPA (California)

California residents have the right to know what personal information is collected, request deletion, and opt out of the sale of personal information. We do not sell personal information. To make a request, contact privacy@vouchstone.ai.

9. GDPR (European Union)

For EU residents, Vouchstone LLC acts as a data controller for account data and a data processor for customer data. Our legal basis for processing is contract performance and legitimate interest. For enterprise customers, we execute a Data Processing Agreement (DPA) that includes Standard Contractual Clauses.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or Platform notification at least 30 days before they take effect.

11. Contact

For privacy inquiries: privacy@vouchstone.ai

Vouchstone LLC, San Francisco, CA, United States