Privacy for agent identity and verifier decisions.

A starter policy for the public Gardien preview. Counsel review is required before large pilots or production processing of sensitive data.

Effective June 9, 2026

Information we may collect

Account contact details, organization details, agent passport metadata, verifier site configuration, support messages, usage logs, security events, and billing/contact information if a paid plan is added.

Verifier and audit data

Gardien is designed to log decisions, identifiers, hashes, scopes, timestamps, site IDs, and safe route/action patterns. Raw customer records, passwords, private keys, API keys, and full request bodies should not be sent to Gardien unless a specific protected vault feature is being used.

How we use information

We use information to operate the product, verify agent requests, enforce policies, provide support, investigate abuse, improve reliability, communicate with customers, and meet legal/security obligations.

Security

We use reasonable technical and organizational safeguards appropriate for an early-stage security product. No system is perfectly secure, and customers should avoid sending secrets through support email or unprotected fields.

Retention

Operational logs and account records are retained as needed to provide the service, maintain security, resolve disputes, comply with law, and support customer audit needs. Customers may request deletion where legally and technically appropriate.

Your choices

Contact us to request access, correction, deletion, export, or privacy information. Some records may need to be retained for security, legal, audit, or abuse-prevention reasons.

Contact

Privacy questions or requests can be sent through the contact page. Do not include passwords, private keys, API keys, or full customer records in email.