Privacy Policy

Last Updated: December 12, 2025

Guardiar ("we", "our", or "us") provides services that allow users to control, monitor, and secure API requests made by AI agents. This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

We may collect:

  • Account information such as name, email address, and authentication data.
  • Billing information (processed by Stripe; we never store raw card details).
  • Usage data including API key usage, agent configuration rules, and request metadata.
  • Technical data such as IP address, browser type, and device information.

2. How We Use Information

We use your information to:

  • Provide and maintain the Guardiar service
  • Authenticate users and secure access
  • Process payments and manage subscriptions
  • Monitor API usage for security and billing
  • Improve system reliability and performance
  • Communicate important service updates

3. How We Share Information

We may share data with:

  • Service providers (e.g., AWS, Stripe) to operate the platform
  • Law enforcement if required by applicable law

We never sell personal data.

4. Data Security

We implement industry-standard security practices including encryption in transit and at rest, API key isolation, and role-based access.

5. Data Retention

We retain user and usage data only as long as necessary to deliver services or comply with legal obligations.

6. Cookies

Guardiar uses cookies and similar technologies on guardiar.io and app.guardiar.io for:

  • Essential authentication (Cognito session tokens)
  • Maintaining user preferences
  • Analytics and performance (e.g., AWS CloudFront logs)
  • Payment session state (Stripe Checkout)

We do not use cookies for advertising or cross-site tracking. You may block or delete cookies in your browser settings, but some features (login, dashboard) may stop working.

7. GDPR Compliance

For EU users, we process personal data based on consent (user signup), contract necessity (account + API usage), and legitimate interest (security monitoring).

Under GDPR, you may:

  • Access your data
  • Correct inaccuracies
  • Request deletion
  • Export your data
  • Withdraw consent
  • Lodge a complaint with your local Data Protection Authority

Data is hosted and processed on AWS (US/EU regions). Transfers follow Standard Contractual Clauses (SCCs).

8. CCPA Notice (California Consumers)

California users may:

  • Request disclosure of personal information collected
  • Request deletion
  • Opt out of "sale" of data (Guardiar does not sell data)
  • Access collected categories of information

Categories we collect: Identifiers (email, account ID), Internet activity (API usage metadata), and Billing information (via Stripe). We do not sell or share data with ad networks.

9. Your Rights

You may request:

  • Access to your personal data
  • Correction or deletion of your data
  • Export of your data

10. Contact

For privacy-related questions: privacy@guardiar.io

Data Protection Officer: dpo@guardiar.io