Privacy Policy

Last Updated: May 25, 2026

1. Information We Collect

AgentSight collects data necessary to provide our AI visibility auditing services. This includes:

  • Account Data: Email address and profile information provided via Firebase Authentication.
  • Audit Data: Website URLs submitted for analysis, along with the resulting DOM structure and metadata.
  • Connected Data: Read-only access to Google Analytics 4 and Google Search Console data, strictly for the purpose of generating performance reports.

2. AI Processing Transparency

To generate visibility insights, we process anonymized website data through third-party AI providers including OpenRouter, Groq, and Google Gemini. We do not share your personal account information or connected analytics data with these providers for training purposes.

3. Data Security & Encryption

We implement industry-standard security measures to protect your data:

  • All OAuth tokens (GA4/GSC) are encrypted at rest using AES-256-GCM.
  • Database communication is secured via SSL/TLS.
  • Authentication state is managed through signed secure session cookies.

4. Cookies and Tracking

We use essential cookies to maintain your session and ensure secure access to your account. We use Vercel Analytics to monitor platform performance and identify technical issues.

5. Your Data Rights (GDPR/UK GDPR)

If you are located in the European Economic Area or United Kingdom, you have the following rights:

  • Right of Access: Request a copy of the data we hold about you.
  • Right of Erasure: Request deletion of your personal data ("right to be forgotten").
  • Right of Rectification: Correct inaccurate data we hold about you.
  • Right of Portability: Receive your data in a machine-readable format.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Restrict: Request we restrict processing while a dispute is resolved.

To exercise any of these rights, email hello@agentsight.app. We will respond within 30 days.

6. Lawful Basis for Processing

We process your data under the following lawful bases:

  • Contract: To deliver the audit services you have signed up for.
  • Legitimate Interest: To improve the platform and prevent fraud.
  • Consent: For any marketing communications (you may withdraw at any time).

7. Data Retention

Account data is retained for the duration of your subscription plus 90 days after cancellation.

Audit reports and website data are retained for 12 months.

You may request earlier deletion at any time.

8. Data Transfers

Our infrastructure uses Supabase (EU region), Vercel (global CDN), and Firebase (Google Cloud). Data may be processed outside the EEA. All transfers are governed by Standard Contractual Clauses.

9. Supervisory Authority

If you are unhappy with how we handle your data, you have the right to lodge a complaint with your local data protection authority. In the UK: the ICO (ico.org.uk).

For any questions regarding your data privacy, please contact our Data Protection Officer at hello@agentsight.app.