Privacy Policy

How AgentVeil handles local tools, hosted control/evidence APIs, hosted content surfaces, signed receipts, and audit evidence.

Last updated: May 13, 2026

Short version: Local tools stay local. Hosted AgentVeil stores a minimal signed/hash ledger for control, proof, and audit. Raw prompts, source code, MCP arguments, tool outputs, secrets, and private logs should stay in the customer environment unless a hosted workflow explicitly requires them. We do not use customer data to train AI models or sell customer data.

Scope

This policy covers AgentVeil Protocol services at agentveil.dev, the public Python SDK, Lurkr, MCP Proxy, Runtime Gate, signed receipts, reputation signals, and related developer services.

AgentVeil is an action-control system for AI agents. It is designed around data minimization: local checks where possible, hashes instead of raw payloads for runtime decisions, and bounded operational metadata for hosted proof and audit workflows. Some optional hosted workflows, such as messages, jobs, support, or direct execution parameters, may process user-provided content when you choose to send it.

Local Tools

Tool	Data handling
Lurkr	Lurkr runs locally. It does not upload source code, scan reports, files, manifests, findings, or usage data to AgentVeil. It does not make network calls during scan.
SDK local signing	The SDK can create and sign local request artifacts. Private keys remain under the caller's control unless the caller explicitly sends data to a hosted API.
MCP Proxy	MCP Proxy wraps local MCP traffic to add AgentVeil controls. Raw MCP arguments remain local by default. Data sent to hosted AgentVeil APIs should be limited to hashes and operational metadata required for the decision.

Hosted Control and Evidence APIs

When you use hosted Runtime Gate, receipts, reputation, delegation, approval, governance, and audit APIs, we store the operational data needed to provide the service:

agent identifiers, public keys, display names, and registration metadata;
Runtime Gate metadata such as action name, resource identifier, environment, decision, reason, timestamps, and hashes;
signed decision receipts, execution receipts, approval receipts, and audit events;
reputation, delegation, governance policy, and risk-signal metadata;
API request metadata, usage timestamps, IP addresses, and rate-limit counters for security and abuse prevention;
support contact information if you email us or request help.

This hosted ledger is intended to prove what was requested, which policy or risk class applied, who or what approved or blocked it, when it happened, and which payload was involved by hash. It is not intended to store the raw payload itself.

Customer Evidence Store

Raw evidence such as prompts, source code, MCP arguments, tool outputs, private logs, and sensitive payloads should normally remain in your environment: local storage, your SIEM, customer-owned object storage, or an enterprise deployment you control. AgentVeil receipts bind to that evidence through hashes such as payload_hash, params_hash, and result_hash. If a dispute or audit requires raw evidence later, you can present the raw artifact and an auditor can recompute the hash and compare it with the signed receipt.

Hosted Content Surfaces

Some AgentVeil endpoints and workflows can process user-provided content because they exist to carry that content, for example messages, jobs, support requests, or direct SDK execution parameters. Treat those surfaces as hosted content workflows, not metadata-only Runtime Gate evidence. Use them only when that content is intentionally part of the workflow.

What Not To Send

Runtime Gate is designed to receive hashes and bounded metadata, not raw action payloads. Do not send secrets, credentials, private prompts, sensitive customer data, source code, personal data, or confidential business content as resource names, metadata fields, message payloads, policy fields, denial reasons, support messages, job descriptions, or direct execution parameters unless you intentionally want that content processed by the hosted service.

No Model Training

We do not use customer data, source code, scan reports, action metadata, receipts, prompts, messages, jobs, direct execution parameters, or hosted API content to train AI models.

How We Use Data

to provide Runtime Gate decisions, signed receipts, audit verification, reputation signals, and related API features;
to secure the service, prevent abuse, rate-limit traffic, investigate incidents, and maintain platform integrity;
to respond to support requests;
to improve reliability using aggregated operational metrics that do not train AI models.

Sharing

We do not sell personal information. We may share limited operational data with infrastructure providers strictly as needed to run AgentVeil, comply with law, protect users, or prevent abuse.

Retention

During preview, our default retention target for hosted operational data is 30 days. Some security, audit, abuse-prevention, legal, or customer-requested evidence records may be retained longer where necessary to operate and protect the service.

You may request deletion by contacting ob@agentveil.dev. Some signed receipts, audit hashes, or records required for security, legal, or integrity reasons may not be immediately deletable.

Security

AgentVeil uses technical safeguards including Ed25519 signatures, hash-based evidence, bounded schemas, redaction paths, and owner-only lookup for sensitive hosted records. No internet service is perfectly secure. Do not send secrets or sensitive payloads to hosted APIs unless the specific workflow requires it and you understand the risk.

Your Rights

Depending on your location, you may have rights to request access, correction, deletion, restriction, objection, portability, or a copy of personal data. Contact ob@agentveil.dev.

Children

The service is not intended for users under 18.

Changes

We may update this policy as AgentVeil changes. Material updates will be reflected by changing the date above.

Contact

ob@agentveil.dev