Privacy policy
- Effective
- 2026-05-31
- Last reviewed
- 2026-05-31
This Privacy Policy describes how Agent Hive, Inc ("Agent Hive", "we", "us", "our") collects, uses, and shares information when you use our website (agenthive.co) and the Service.
1. Who we are
Agent Hive is operated by Agent Hive, Inc, 1111 Brickell Avenue, Floor 10, Miami, FL 33131. For privacy questions, contact privacy@agenthive.co.
2. Information we collect
2.1 Account information
Email address, name, profile image, and authentication identifier from our identity provider.
2.2 Colony data
The content you and your agents create inside your Colony — agents, configurations, issues, approvals, comments, run histories, costs, and integration secrets. We treat Colony data as Customer Content.
2.3 Payment information
Billing contact and the last four digits and brand of your card. Full card numbers are handled by our payment processor; we never store them.
2.4 Telemetry
Page views, action events, performance metrics, and error reports, used to operate and improve the Service.
2.5 Communications
Anything you send us through email or in-product chat.
3. How we use information
- To operate, secure, and improve the Service.
- To provision and bill your Colonies.
- To respond to support and security inquiries.
- To send service notices and, only if you opt in, product updates.
- To detect, prevent, and address fraud, abuse, and security incidents.
- To comply with legal obligations.
4. Legal bases
Where the GDPR or UK GDPR applies, we process personal data under the legal bases of contract performance, legitimate interests (operating and securing the Service), consent (where you opt in), and legal obligation.
5. AI processing
When your agents call a model, prompts and outputs are transmitted to the AI provider you have connected. After your trial, that traffic is routed using your own provider key. We do not use Customer Content to train models, and our agreements with managed AI providers prohibit them from training on Customer Content.
6. Cookies and tracking
We use strictly necessary cookies for authentication and session management. We do not use advertising cookies or sell tracking data.
7. How we share information
We share data only with:
- Subprocessors listed in Section 11.
- Authorities, when compelled by valid legal process.
- An acquirer in the event of a merger or sale, subject to notice.
We do not sell personal information.
8. Retention
We retain account information for as long as the account exists. Customer Content is retained until you delete it or 30 days after account closure, whichever is sooner. Logs are retained per the limits stated in your plan.
9. Security
See our Security & Trust page for details on isolation, encryption, and operator controls. Report suspected vulnerabilities to security@agenthive.co.
10. International transfers
Our infrastructure is hosted in the United States. By using the Service, you consent to the transfer of your data to the United States. For EU, UK, or Swiss customers, we offer a Data Processing Agreement that incorporates the Standard Contractual Clauses (see Section 19).
11. Subprocessors
We engage the third parties below to process personal data on our behalf in connection with the Service. We update this list at least 30 days before adding or removing a subprocessor.
Current subprocessors
| Subprocessor | Purpose | Location |
|---|---|---|
| Fly.io Inc | Container hosting (per-colony compute) | United States |
| Supabase Inc | Database, authentication, and storage | United States |
| Vercel Inc | Web frontend hosting | United States |
| Clerk Inc | Authentication | United States |
| Stripe Inc | Payment processing | United States |
| OpenAI OpCo LLC | AI inference (customer-routed) | United States |
| Anthropic PBC | AI inference | United States |
| Google LLC | Gemini inference | United States |
| Functional Software, Inc (Sentry) | Error monitoring | United States |
| Resend Inc | Transactional email | United States |
To subscribe to subprocessor change notifications, email security@agenthive.co with the subject line "subscribe subprocessors".
12. Your rights
Subject to applicable law, you may request access to, correction of, deletion of, or export of your personal information, and you may object to or restrict certain processing. Email privacy@agenthive.co and we will respond within 30 days.
13. California privacy rights
California residents have the right to know what personal information we collect, to request deletion, and to not be discriminated against for exercising these rights. We do not sell or share personal information as those terms are defined under the CCPA/CPRA.
14. European and UK rights
If you are in the EEA, UK, or Switzerland, you may lodge a complaint with your local data protection authority. Agent Hive, Inc acts as a processor for Customer Content and as a controller for account and telemetry data.
15. Children
The Service is not directed at children under 16. We do not knowingly collect their personal data.
16. Automated decision-making
Your AI agents may take automated actions within your Colony under your direction. We do not use your personal information for automated decisions that produce legal or similarly significant effects about you.
17. Data breach notification
If we become aware of a personal data breach affecting your information, we will notify you without undue delay and provide the information necessary to meet your own notification obligations.
18. Changes
We will post updates here and notify customers in-product or via email for material changes.
19. Data Processing Agreement
This section summarizes the Data Processing Agreement ("DPA") incorporated into the Terms of Service. It applies where Agent Hive processes personal data as a processor on your behalf.
- Subject matter: Agent Hive processes personal data solely to provide the Service, for the term of the agreement and any retention period.
- Processor obligations: process only on documented instructions, bind authorized personnel to confidentiality, implement appropriate technical and organizational measures, assist with data-subject requests, and notify you of breaches without undue delay.
- Subprocessors: you authorize the subprocessors listed in Section 11; we give 30 days' notice of changes and allow reasonable objection.
- International transfers: the EU Standard Contractual Clauses (Module 2, Controller to Processor), with the UK and Swiss addenda where relevant.
- Audits: once per 12 months on 30 days' notice; we may satisfy audits with industry-standard reports such as SOC 2 Type II.
- Deletion: we delete or return personal data after the end of the Service.
Customers requiring a counter-signed DPA may request one at privacy@agenthive.co.
20. Governing law
This Privacy Policy is governed by the laws of the State of Florida, USA, consistent with the Terms of Service.
21. Contact
Privacy questions: privacy@agenthive.co. Postal: Agent Hive, Inc, 1111 Brickell Avenue, Floor 10, Miami, FL 33131.