Privacy Policy

Last updated: June 23, 2026

This Privacy Policy explains how AGIHALO (“we”, “us”) collects, uses, and shares information when you use AGIHALO at agihalo.com (the “Service”). By using the Service, you agree to the practices described here.

1. Information We Collect

  • Account information. When you sign in with Google, we receive your email address, name, profile picture, and Google account identifier. When you register with email, we collect your email, name, and a securely hashed password. When you sign in with a Web3 wallet, we collect your public wallet address.
  • Usage data. We record API usage associated with your account and API keys, such as the model used, token counts, request timestamps, and computed cost, in order to meter and bill usage.
  • Payment data. For credit purchases we store transaction records (for example, on-chain transaction hashes and amounts in USDC on Base, or a card-order reference and customer identifier from our processor, Polar). We do not store full card numbers; card details are handled by Polar.
  • Memory data. If you use the long-term memory feature, we store the content you or your end users send for memory projects so the feature can function.

2. How We Use Information

  • to authenticate you and operate your account;
  • to provide, maintain, and improve the Service;
  • to meter usage, process payments, and manage credit balances;
  • to provide support and respond to your requests;
  • to maintain security, prevent abuse, and comply with legal obligations.

3. Google User Data

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Data obtained from Google sign-in is used solely to authenticate you and provide the Service. We do not sell this data, do not use it for advertising, and do not share it with third parties except as needed to provide the Service or as required by law.

4. How We Share Information

We do not sell your personal information. We share it only with:

  • Service providers that operate the Service on our behalf, including Supabase (authentication and database hosting), Google (sign-in), and Polar (card payment processing);
  • Public blockchains — on-chain payment transactions are, by their nature, recorded on public networks and are not private;
  • Legal and safety recipients where required by law, or to protect our rights, users, or the integrity of the Service.

5. Data Retention

We retain account, usage, and payment records for as long as your account is active and as needed to provide the Service, meet legal and accounting obligations, and resolve disputes. Memory data is retained according to the retention period of your memory plan.

6. Security

We use administrative and technical safeguards to protect your information, including row-level access controls and hashed passwords. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Your Rights

You may request access to, correction of, or deletion of your personal information, and you may revoke Google access at any time from your Google Account permissions. To make a request, contact us at the address below. Note that some on-chain records cannot be deleted because they exist on public blockchains.

8. International Transfers

Your information may be processed in countries other than your own, including by the service providers listed above. We rely on those providers’ safeguards for such transfers.

9. Children

The Service is not directed to children under 13 (or the minimum age in your jurisdiction), and we do not knowingly collect their information.

10. Changes to this Policy

We may update this Policy from time to time. Material changes will be reflected by updating the date above. Your continued use of the Service after changes take effect constitutes acceptance of the revised Policy.

11. Contact

For privacy questions or requests, contact contact@agihalo.com.