App iconAI Agents HouseBack to App

Privacy Policy

Effective Date: August 1, 2025 Last Updated: August 1, 2025

1. Introduction

AI Agents House ("we," "our," or "us") provides AI agent governance and compliance monitoring services primarily to financial institutions. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our services, website, and platform.

Given the sensitive nature of financial services data, we are committed to maintaining the highest standards of data protection and regulatory compliance.

2. Information We Collect

2.1 Customer Account Information

  • Business contact details (name, email, phone, company)
  • Account credentials and authentication data
  • Billing and payment information
  • Communications with our support team

2.2 AI Agent Monitoring Data

When you use our platform to monitor AI agents, we may collect:

  • Agent decision logs and reasoning chains
  • Model performance metrics and analytics
  • Compliance scoring and risk assessments
  • Tool usage and integration data
  • Interaction patterns and behavioral analytics
  • Error logs and system performance data

2.3 Financial Services Data

Depending on your deployment, we may process:

  • Customer transaction patterns (aggregated/anonymized where possible)
  • Credit decision data and loan application information
  • Compliance monitoring results
  • Risk assessment outputs
  • Audit trail information
  • Any other data your AI agents process that you configure us to monitor

2.4 Technical Information

  • IP addresses and device information
  • Browser type and operating system
  • Usage analytics and platform interactions
  • Cookies and similar tracking technologies
  • System logs and performance metrics

2.5 Third-Party Integrations

Data from integrated services including:

  • Cloud platforms (Google Cloud, AWS)
  • Analytics services (Google Analytics, PostHog)
  • Payment processors (Stripe)
  • Other business tools you connect to our platform

3. How We Use Information

3.1 Service Delivery

  • Provide AI agent governance and monitoring services
  • Generate compliance reports and documentation
  • Detect and alert on policy violations or risks
  • Maintain audit trails for regulatory requirements
  • Provide customer support and technical assistance

3.2 Platform Improvement

  • Analyze usage patterns to improve our services
  • Develop new features and capabilities
  • Enhance security and compliance monitoring
  • Optimize platform performance

3.3 Compliance and Legal

  • Meet regulatory requirements (SR 11-7, Fair Lending, GDPR, etc.)
  • Respond to legal requests and regulatory inquiries
  • Maintain required audit documentation
  • Ensure data security and breach notification

3.4 Business Operations

  • Process payments and billing
  • Communicate about service updates
  • Marketing (only with consent, and never using customer financial data)

4. Information Sharing and Disclosure

4.1 No Customer Data Sharing

We do not share, sell, or disclose customer financial data between different financial institution clients unless explicitly agreed upon in writing.

4.2 Service Providers

We may share information with trusted third-party service providers who assist in:

  • Cloud hosting and infrastructure (Google Cloud, AWS, Vercel)
  • Payment processing (Stripe)
  • Analytics and monitoring (Google Analytics, PostHog)
  • Customer support tools

All service providers are contractually bound to protect data and use it only for specified purposes.

4.3 Legal Requirements

We may disclose information when required by:

  • Valid legal process (subpoenas, court orders)
  • Regulatory examinations or investigations
  • Emergency situations to prevent harm
  • Compliance with applicable laws and regulations

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, customer information may be transferred, subject to equivalent privacy protections.

5. Data Security

5.1 Security Measures

We implement industry-standard security measures including:

  • Encryption in transit and at rest
  • Multi-factor authentication
  • Regular security assessments and audits
  • Access controls and role-based permissions
  • Continuous monitoring for security threats

5.2 Compliance Frameworks

We design our security practices to align with:

  • SOC 2 Type II standards (certification planned)
  • ISO 27001 requirements
  • Financial services security guidelines
  • GDPR technical and organizational measures

5.3 Data Breach Response

In the event of a data breach, we will:

  • Investigate and contain the incident immediately
  • Notify affected customers within 72 hours when required
  • Cooperate with regulatory authorities as needed
  • Provide detailed incident reports and remediation plans

6. Data Retention

6.1 Retention Periods

  • Account information: Retained while account is active plus 7 years
  • AI monitoring data: Retained per regulatory requirements (typically 5-7 years)
  • Audit logs: Retained for minimum regulatory periods
  • Marketing data: Retained until consent is withdrawn

6.2 Data Deletion

Upon account termination or data deletion requests:

  • Customer data will be deleted within 30 days unless legally required to retain
  • Backup copies will be deleted within 90 days
  • Aggregated, anonymized data may be retained for analytics

7. International Data Transfers

7.1 Global Operations

Data may be transferred to and processed in:

  • United States (primary data centers)
  • Other countries where our service providers operate
  • Locations necessary for service delivery

7.2 Transfer Safeguards

For international transfers, we use:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where available
  • Additional safeguards as required by applicable law

8. Your Rights and Choices

8.1 Access and Control

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request data deletion (subject to regulatory requirements)
  • Object to certain processing activities
  • Data portability where applicable

8.2 Marketing Communications

You can opt out of marketing communications at any time through:

  • Unsubscribe links in emails
  • Account settings in our platform
  • Contacting us directly

8.3 Cookie Management

You can control cookies through:

  • Browser settings
  • Our cookie preference center
  • Opting out of analytics tracking

9. Regulatory Compliance

9.1 Financial Services Regulations

Our privacy practices support compliance with:

  • SR 11-7 model risk management requirements
  • Fair Lending Act documentation needs
  • OCC third-party risk management guidelines
  • Bank Secrecy Act record-keeping requirements

9.2 Data Protection Laws

We comply with applicable data protection regulations including:

  • GDPR (for EU data subjects)
  • CCPA (for California residents)
  • State privacy laws as applicable
  • Financial privacy regulations (GLBA, etc.)

10. Cookies and Tracking

10.1 Types of Cookies

We use:

  • Essential cookies: Required for platform functionality
  • Analytics cookies: To understand usage and improve services
  • Performance cookies: To monitor and optimize platform performance
  • Marketing cookies: For advertising and promotional activities (with consent)

10.2 Cookie Management

You can manage cookie preferences through our cookie banner and preference center.

11. Children's Privacy

Our services are not intended for individuals under 18. We do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

  • Post updated policies on our website
  • Notify customers of material changes via email
  • Provide 30 days' notice for significant changes

13. Contact Information

For privacy-related questions or requests:

Email: hello@aiagentshouse.com Mail: AI Agents House, [Address] Phone: [Phone Number]

For EU data subjects, you may also contact your local data protection authority.

14. Effective Date

This Privacy Policy is effective as of [Date] and supersedes all prior versions.

This Privacy Policy is designed to meet the requirements of multiple jurisdictions and regulatory frameworks. For specific legal advice regarding your jurisdiction or use case, please consult with qualified legal counsel.