Privacy Policy
Last updated: May 11, 2026 · Effective: May 11, 2026
This Privacy Policy describes how Agent Etna, Inc. ("Agent Etna," "we," "us") collects, uses, retains, and discloses personal data in connection with the Agent Etna platform (the "Service"). It addresses the legal handling of personal data only. The technical and organisational safeguards we operate are described on the Security page; the broader product position on privacy is described on the Private by design page; the contractual relationship is governed by the Terms of Service.
1. Who we are
Agent Etna, Inc. is a Delaware corporation with its registered office at 2261 Market Street, STE 36246, San Francisco, CA 94114. For the personal data described below, Agent Etna is a data controller in respect of account, billing, and product-telemetry data, and a processor in respect of personal data contained in Customer Content where you are the controller. Where a processor relationship applies, Agent Etna will sign a Data Processing Addendum on request.
2. What personal data we collect
| Category | Examples | Source |
|---|---|---|
| Identity & account | Name, email, avatar, identity-provider ID | You, via the identity provider you authenticate with |
| Connection data | Selected repository identifiers, OAuth scopes you grant | You, when you connect a source |
| Customer Content | Code, prompts, configurations, conversations, test results, patches | You, in the course of operating the Service |
| Billing data | Plan, invoice history, billing address, last four digits of payment method | You and our payment processor (Stripe) |
| Product telemetry | Feature usage, error rates, API call counts, token consumption | The Service, during normal operation |
| Device & log data | IP address, user-agent, session cookies, request logs | Your browser and our infrastructure |
Full payment-card numbers are processed by Stripe and never stored by Agent Etna.
3. How we use personal data
We process personal data to: (a) provide and operate the Service; (b) authenticate users and authorise access; (c) bill subscriptions and meter usage; (d) detect, investigate, and prevent fraud, abuse, and security incidents; (e) communicate with you about your account, the Service, and material changes to these policies; (f) comply with legal obligations; and (g) improve and develop new features. We do not use Customer Content to train foundation models, and we do not sell or rent personal data.
4. Legal bases (EEA, UK, Switzerland)
Where the GDPR or equivalent law applies, the lawful bases on which we rely are: performance of a contract with you (account, billing, delivery of the Service); legitimate interests (operating, securing, and improving the Service); compliance with a legal obligation (tax records, lawful requests); and consent (where required, for example for non-essential cookies). You may withdraw consent at any time without affecting prior lawful processing.
5. Sharing and sub-processors
We share personal data only with the categories of recipient listed below, and only as needed to operate the Service:
- Identity providers — GitHub, Google, GitLab (authentication).
- Source-control providers — the host of any repository you connect.
- Model providers — Anthropic, OpenAI, Google, Mistral, Groq, or any provider whose API key you supply. When using "Bring Your Own Key," your requests route through the provider under their own terms.
- Payment processor — Stripe.
- Infrastructure — cloud hosting, managed database, and email delivery providers used to run the Service.
- Professional advisers — auditors, legal, and tax advisers, under confidentiality obligations.
An up-to-date list of sub-processors is available on request from contact@agentetna.com and is provided to enterprise customers under a Data Processing Addendum.
6. International transfers
Agent Etna is based in the United States, and our infrastructure is operated in the United States. Where personal data originating in the EEA, the UK, or Switzerland is transferred outside that region, transfers are made pursuant to Standard Contractual Clauses (and the UK Addendum where applicable). A copy is available on request.
7. Retention
We retain personal data for as long as it is needed for the purpose collected, or as required by law. Account and billing records are retained for the life of the account and for up to seven (7) years thereafter for tax and audit purposes. Customer Content is deleted on the schedule set out in the Terms of Service (within thirty (30) days after termination, subject to backup-cycle retention). Security logs are retained for up to twelve (12) months.
8. Your rights
Subject to applicable law you may have the right to: access the personal data we hold about you; correct or update inaccurate data; delete data; restrict or object to processing; withdraw consent; and receive a portable copy. Requests should be sent to contact@agentetna.com. We will respond within thirty (30) days. If you are in the EEA, the UK, or Switzerland and believe we have not addressed your concern, you may lodge a complaint with your local supervisory authority.
California residents: under the CCPA/CPRA you have similar rights, including the right not to be discriminated against for exercising them. We do not "sell" or "share" personal data as those terms are defined.
9. Cookies
The Service uses strictly-necessary cookies for sign-in, session, and CSRF protection (always on), and, where you opt in, analytics and preference cookies. Change your preferences at any time via the link.
10. Children
The Service is not directed to and not intended for children under the age of sixteen (16). We do not knowingly collect personal data from a child. If you believe a child has provided us with personal data, please contact contact@agentetna.com and we will delete it.
11. Changes to this Policy
We may update this Policy from time to time. We will notify you of material changes at least thirty (30) days before they take effect, by email or in-product notice. The "Last updated" date at the top of this page reflects the most recent revision.
12. Contact
For privacy questions or to exercise your rights, write to contact@agentetna.com. The Data Protection Officer can be reached at the same address.
Agent Etna, Inc.
2261 Market Street, STE 36246
San Francisco, CA 94114
United States