Last updated: March 15, 2026
Account Data: Email address, name, company name, and payment information (processed by Stripe — we never store card numbers).
Usage Data: Chat messages, agent configurations, task history, and token usage for billing and service improvement.
Integration Data: API keys and connection credentials you provide for third-party services (encrypted at rest).
We use your data to: (a) provide and improve the Service, (b) process payments, (c) send service-related communications, (d) provide customer support, (e) detect and prevent abuse.
We do not sell your data. We do not use your data to train AI models.
Your chat messages and task instructions are sent to Anthropic's Claude API for processing. This data is subject to Anthropic's usage policies. Anthropic does not use API inputs to train their models.
We use: Supabase (database and authentication), Stripe (payments), Anthropic (AI), and Maton (API integrations). Each has their own privacy policy.
We use industry-standard security measures including encryption in transit (TLS), encryption at rest for sensitive data, and row-level security policies in our database. API keys are stored encrypted.
We retain your data for as long as your account is active. Chat history is retained for 90 days. Upon account deletion, all data is permanently removed within 30 days.
You may: (a) access your data through the dashboard, (b) export your data by contacting support, (c) delete your account and all associated data, (d) opt out of non-essential communications.
We use essential cookies for authentication. We do not use tracking or advertising cookies.
We may update this policy. Material changes will be communicated via email. Continued use after changes constitutes acceptance.
For privacy inquiries, email contact@bastionsec.dev.