AIRGAP — Legal

Privacy Policy

Last updated: 14 May 2026.

This Privacy Policy describes what AIRGAP ("AIRGAP", "we", "us") collects, how we use it, and the third parties that touch your data. Reading this should not take more than ten minutes.

What we collect

We deliberately collect very little. Specifically:

  • Your wallet address. Captured during SIWE sign-in; cryptographically derived from a signature your wallet produces. Stored in our users table.
  • Agent configurations. The data sources, prompts, watchlist terms, intensity setting, and alert routing rules you set when creating or editing an agent. Stored in our agents table.
  • Signal history. Every signal an agent emits is stored so you can read it later and so the agent's memory model can learn from past signals. Stored in our signals table.
  • Discord webhook URL. Provided either by pasting or via the Discord OAuth flow. Encrypted at rest with AES-256-GCM. Stored in our users table.
  • Telegram chat ID. If you connect Telegram delivery, the numeric chat ID of the conversation you initiated with our bot. Stored in our alert_settings table.
  • Optional Telegram session string. Used only for the legacy Telegram user-account agent (a self-hosted-process feature, off by default). Encrypted at rest with AES-256-GCM.
  • IP address. Captured transiently for cron-job authorization, rate limiting, and abuse prevention. Not persisted beyond the request log retention window of our hosting provider (Vercel; see "Third parties we share with" below).
  • Permit2 authorization receipts. The EIP-712 typed-data you signed and the resulting signature. Stored in our permit2_authorizations table; the signature itself is public information anyone can recover from on-chain Permit2 calls.
  • Usage charges. One row per LLM call recording the agent, the user, the model used, input/output token counts, and the cost in micro-USDC. Stored in our usage_charges table.

What we do not collect

  • We do not collect your real-world identity. We never ask for your name, address, date of birth, or government ID.
  • We do not run KYC or AML checks. There is no KYC pipeline behind the sign-in flow.
  • We do not collect payment cards or bank details. All payment happens on-chain via USDC.
  • We do not collect biometrics, device fingerprints, or third-party advertising cookies.
  • We do not track you across websites. We do not run analytics SDKs that fingerprint you.

How we use what we collect

  • To run your agents: fetch data from your configured sources, send it to our LLM router, persist results, and deliver signals to your connected channels.
  • To bill you for LLM usage on a per-agent basis. We never charge more than the displayed rate; usage charges are itemized in your dashboard.
  • To enforce rate limits and detect abuse, including unusual signal-emission patterns, unusual API token activity, and suspicious sign-in attempts.
  • To improve the platform. We may look at aggregate, anonymized signal metrics (how many fired today, average confidence, agent type popularity) to inform feature work. We do not look at the content of your agents' prompts or signals for product analytics.

Third parties we share with

When you run AIRGAP, the following third parties necessarily see slices of your data:

  • LLM providers (Gemini, DeepSeek, Anthropic Claude). Receive the prompt content we send for inference — system prompts, source-data snippets, and the model output. They do NOT receive your wallet address or any account identifier beyond an opaque agent_id. They retain prompts per their own retention policies; check theirs directly.
  • Twitter / X via TwitterAPI.io. Receives the X account handles your X-type agents are configured to watch.
  • Supabase. Provides the Postgres database, authentication primitives, and Realtime channels. Sees the contents of every table listed under "What we collect" above. Hosted in the United States.
  • Vercel. Provides the application compute, edge network, and serverless function runtime. Sees request/response traffic in transit, log lines (with secrets redacted), and short-term function execution logs. Hosted globally.
  • Upstash. Provides the Redis cache used for rate limiting, deferred-delivery queueing, and cron-tick heartbeats. Sees rate-limit keys, queued signal payloads (in flight), and the heartbeat timestamp.
  • Coinbase Developer Platform / Base mainnet. All USDC transfers are public, on-chain, and irreversibly recorded on Base. Anyone can see your wallet's USDC balance, transfer history, and Permit2 allowance state.
  • Discord and Telegram. Receive the signal payloads we deliver to your configured webhook/chat. We send only the embed/message we render; we do not send any other account data to either platform.

We do not sell your data to anyone. We do not share your data with advertisers, data brokers, or analytics aggregators.

Encryption at rest

Stored secrets — Discord webhook URLs, Telegram session strings — are encrypted at rest with AES-256-GCM. The encryption key lives in an environment variable managed by Vercel and is never logged.

In transit, all data flows over TLS 1.2 or higher.

Data retention

We retain your data indefinitely while your account is active. When you delete your account from the settings page, we delete:

  • Your row in the users table.
  • All agent configurations owned by your account.
  • All signals emitted by your agents.
  • All Permit2 authorization receipts (on-chain records remain public).
  • All usage charges, alert settings, and API tokens.

Backups are rotated every fourteen (14) days; deletion takes effect immediately in the live database, and the deleted data is purged from backups on the next rotation. We do not retain account data after the next rotation following your deletion request.

Cron heartbeats and rate-limit counters in Redis carry TTLs of one hour to seven days and are not user-attributable.

Your rights

Regardless of where you are located, you may:

  • Export your data — your agents, signals, and usage charges are available via the documented REST API at /api/v1, authenticated with your wallet. Issue an API token from the settings page and pull whatever you need.
  • Delete your account — from the settings page. See the retention section above for the timing.
  • Correct your data — agent configs are user-editable in the dashboard; if you find a row that needs correction and the dashboard can't reach it, email the contact below.

If you are a resident of the European Economic Area, the United Kingdom, California, or another jurisdiction with comprehensive data-protection law, you have additional rights under those laws (including the right to lodge a complaint with your supervisory authority). Exercise those rights by emailing the contact below.

Children

AIRGAP is not directed to anyone under the age of eighteen. We do not knowingly collect data from anyone under eighteen. If you believe a minor has used AIRGAP, contact us and we will delete the account.

Changes to this Policy

We may revise this Policy at any time. Material changes will be posted on this page with an updated "Last updated" date. Continued use of AIRGAP after a change constitutes acceptance.

Contact

Privacy questions, data-subject-access requests, and complaints go to: airgap_dev@proton.me

Acting Data Protection Officer: airgap_dev@proton.me