Privacy Policy

Effective: May 29, 2026

1. What We Process

agent-signup processes the minimum data required to complete an automated identity provisioning run:

• Account credentials — email addresses, usernames, and passwords generated or supplied for signup automation.
• Workflow metadata — service names, timestamps, success/failure status, and runtime diagnostics.
• Artifacts — screenshots, page text snapshots, and flow logs generated during each run.
• Extracted API keys — service tokens and secrets discovered during dashboard extraction.

2. How Data Is Stored

All data resides in a local encrypted vault at ~/.agent-signup/vault.json on the operator's infrastructure. There is no central agent-signup cloud, no telemetry back to a vendor, and no third-party data lake.

3. Data Sharing

agent-signup does not sell, rent, or share data. Depending on operator configuration, data may transit through:

• Target SaaS endpoints — the services being signed up for (as intended).
• AgentMail — for email verification and magic-link polling.
• CAPTCHA providers — Capsolver, BestCaptchaSolver, or 2captcha for solving challenges.
• Proxy networks — IPRoyal or configured proxies for IP diversity.

The operator controls which providers are configured and may disable any of them.

4. Data Retention

Retention is entirely operator-managed. We recommend:

• Purge artifacts and screenshots after 30 days unless needed for debugging.
• Rotate extracted API keys periodically.
• Delete stale vault entries when accounts are no longer needed.

5. Security

• Vault file permissions are set to 0600 (owner read/write only).
• Credentials are stored in plaintext within the vault; operators are responsible for disk encryption (LUKS, FileVault, BitLocker).
• No network services expose the vault by default.

6. GDPR / Data Subject Rights

Because agent-signup is operator-hosted, data subject requests must be directed to the operator. The software provides tooling to:

• Export all vault data in JSON format (agent-signup vault export).
• Delete individual service entries or wipe the entire vault.
• Audit all stored credentials by service.

7. Changes

This policy may be updated as the software evolves. Check the effective date above.

Back to landing · Terms of Service