Privacy · plain English

A home of its own. Not a shared room.

The short version: your agent runs on a server you control, in a region you pick. We don't see your conversations, and we don't share your context with anyone else's agent.

1 · Your agent's home

TL;DR. A server in your name. Not shared with anyone else.

Each agent runs on a dedicated server we set up in your name. Other users' agents never share that server. Your agent's memory is encrypted at rest.

2 · What we store

TL;DR. Conversations live on your server, not ours.

  • On your server: your conversations, your agent's long-term memory, the routines it runs, and a short technical log of what it did.
  • In our control plane: your AgentHut account email, subscription state, server status, the basics needed to operate the platform.
  • Not on us: the contents of your chats, the contents of your memories, the contents of any connected tool.

3 · Model providers

TL;DR. The model API only sees what it needs to answer.

Your agent uses model APIs (Anthropic, OpenAI, Mistral, Gemini, or your own keys). API requests leave your server only when needed to answer a prompt, and providers' data-retention policies apply to that traffic. With your own keys, your zero-retention agreement carries over.

4 · Permissions

TL;DR. Anything that touches the world asks first.

Sensitive actions — sending messages, paying, scheduling, deleting — stage themselves and ask before they run. You can revoke any permission, any tool, any time.

5 · Export & delete

TL;DR. One-click delete. JSON export anytime.

You can export the full memory + routine library as JSON. You can delete everything in one click; we wipe the server within 7 days.

6 · Who at AgentHut can see what

TL;DR. By default, nobody. Read-only on request, auto-expires.

By default, AgentHut staff have no access to your server. When you ask for support, you can grant temporary, read-only access; we close that access automatically after 24 hours.

7 · Sub-processors

TL;DR. Short list. 30-day notice before adding any.

We list the third parties we rely on (server provider, DNS, payment, email) on our sub-processors page. We'll email you 30 days before adding any new sub-processor.

TL;DR. US controller (Delaware). GDPR rights apply.

Data controller: AgentHut Labs Inc. (Delaware, USA). For privacy questions, use the form on our contact page or write to [email protected]. Your GDPR rights (access, correction, deletion, portability) apply to data we process about you, regardless of where the company is incorporated.

9 · Cookies

TL;DR. Strictly necessary only. No third-party trackers.

The marketing site uses a couple of strictly-necessary cookies to remember your session and your preferences. We don't run third-party advertising or analytics trackers. If we ever add analytics, we'll ask first and let you say no.

Private beta · spring 2026

You hold the keys. We just turn the lights on.

Request a private beta invite
No spam · One email when your turn comes up · Unsubscribe in one click