Privacy Policy

1. Information We Collect

We collect the minimum data needed to provide the Service:

• Email address — for authentication and account identification
• Usage data — interaction count, plan type, timestamps
• Payment information — processed and stored securely by Stripe; we do not store card numbers

2. How We Use Your Data

• To authenticate you and manage your account
• To track usage and enforce plan limits
• To process payments via Stripe
• To send transactional emails (magic links, receipts)

We do not sell your data. We do not send marketing emails.

3. Third-Party Services

We use the following third-party services that may process your data:

• Stripe — payment processing (privacy policy)
• Anthropic (Claude) — AI model for agent generation (privacy policy)
• Resend — email delivery (privacy policy)
• MongoDB Atlas — database hosting
• Vercel — frontend hosting
• Railway — backend hosting

4. Data Retention

Account data is retained while your account is active. Magic link tokens are automatically deleted after expiration. You may request deletion of your account and data by contacting us.

5. Security

We use industry-standard security measures including encrypted connections (HTTPS), secure cookie handling, and JWT-based authentication. Payment data is handled entirely by Stripe and never touches our servers.

6. Cookies

We use a single session cookie (twelve_monkeys_session) for authentication. We do not use tracking cookies or analytics cookies.

7. Your Rights

You have the right to: access your data, request correction, request deletion, and export your data. Contact us to exercise any of these rights.

8. Children

The Service is not directed to children under 13. We do not knowingly collect data from children.

9. Changes

We may update this policy. Material changes will be communicated via email. Continued use constitutes acceptance.

10. Contact

Privacy questions? Email 1deeptechnology@gmail.com