Legal

Privacy Policy

Last updated: May 4, 2026

1. What we collect

Agent FP collects the minimum data necessary to provide its detection service:

  • Behavioral signals: Anonymized timing data, scroll patterns, mouse movement entropy, and interaction cadence. No raw coordinates are stored.
  • Network signals: TLS fingerprint hashes, HTTP header order hashes, and IP address geolocation (country/region only). Full IP addresses are hashed within 24 hours.
  • Account data: Name and email address provided at signup. Domain(s) you configure for monitoring.
  • Usage data: Request counts, detection results, and confidence scores associated with your account.

We do not collect passwords, payment card numbers, or sensitive personal information beyond what is listed above.

2. How we use your data

  • To provide and improve the Agent FP detection service
  • To train and improve our detection models (using anonymized, aggregated signal data)
  • To send service-related emails (setup guides, alerts, billing)
  • To analyze usage patterns for product improvement

We do not sell your data to third parties. We do not use your data for advertising.

3. Data retention

Raw request signals are retained for 7 days (Free) or 90 days (Pro). Aggregated detection statistics are retained for 2 years. Account data is retained until you request deletion.

4. Third-party services

We use the following third-party services:

  • Cloudflare: Infrastructure and edge network
  • PostHog: Product analytics (anonymized)
  • Stripe: Payment processing (we never see your full card number)

5. Your rights

You may request access to, correction of, or deletion of your personal data at any time by emailing [email protected]. We will respond within 30 days.

If you are in the EU/EEA, you have additional rights under GDPR, including the right to data portability and the right to lodge a complaint with your supervisory authority.

6. Cookies

We use cookies for session management and, with your consent, for analytics. You may decline analytics cookies via the consent banner. Essential cookies cannot be declined as they are necessary for the service to function.

7. Security

We use industry-standard encryption in transit (TLS 1.3) and at rest (AES-256). We conduct regular security audits. To report a security issue, email [email protected].

8. Changes to this policy

We will notify customers of material changes to this policy by email at least 14 days before the changes take effect.

9. Contact

For privacy questions: [email protected]