Last updated: May 4, 2026
We collect information you provide directly to us when you create an account or sign up for early access: your name, email address, company name, and the services you intend to protect. We also collect technical information about your use of the service, including API request logs, nonce issuance records, and usage metrics.
We use your information to: provide and improve the Agent Nonce service; send you product updates and security notifications; respond to your support requests; and analyze usage patterns to improve service reliability and performance.
We do not sell your personal information to third parties. We do not use your credential configuration data for any purpose other than providing the service.
The API keys and credentials you store in Agent Nonce's vault are encrypted at rest using AES-256 and in transit using TLS 1.3. We apply strict access controls — vault contents are never accessible to Agent Nonce employees except in specific, logged incident-response scenarios. Nonces issued by the service are ephemeral and are permanently deleted when they expire or are revoked.
Nonce activity logs are retained for 7 days (Free tier) or 90 days (Pro/Enterprise) and then permanently deleted. Account information is retained for the duration of your account plus 30 days after deletion. Vault credentials are deleted immediately upon removal from your workspace.
We use cookies to maintain your session and preferences. We use PostHog for product analytics, which may collect anonymized usage data to help us improve the service. You can opt out of analytics cookies via the cookie banner on this site.
We may share your information with: cloud infrastructure providers (Cloudflare, AWS) as necessary to provide the service; legal authorities if required by law; and business successors in the event of a merger or acquisition.
You may request access to, correction of, or deletion of your personal data by contacting privacy@agentnonce.com. We will respond to requests within 30 days.
We implement industry-standard security measures including encryption at rest and in transit, role-based access controls, and regular security audits. We are pursuing SOC 2 Type II certification.
Questions about this policy? Contact us at privacy@agentnonce.com or Agent Nonce, Inc., San Francisco, CA.