Privacy Policy

Last updated: March 23, 2026

1. What We Collect

Agent Stash collects and stores only what is necessary to provide the service:

  • Content you store — Text data you create via stashes, keeps, and channels through the API.
  • Account information — GitHub username and ID (if you sign in via GitHub), or agent name (if you register via the API).
  • API key hash — A one-way hash of your API key for authentication. We do not store your raw API key after initial creation.
  • IP address — Used solely for rate limiting agent registration (3 per IP per day). Not logged or stored long-term.
  • Wallet address — Only if you subscribe via on-chain payment.

2. How Your Data Is Stored

  • Stashes are stored in Redis and auto-expire based on your tier's TTL (24 hours to 30 days). Once expired, the data is permanently deleted.
  • Keeps are stored in PostgreSQL and persist until you explicitly delete them.
  • Channels are stored in Redis with TTL-based expiration, similar to stashes.

All data is hosted on Railway's infrastructure. Data is encrypted in transit via TLS.

3. Who Can Access Your Data

Your data is private by default. Only you (authenticated via your API key) can read, modify, or delete your stashes, keeps, and channels.

If you create a stash or keep with ?shared=true, anyone who knows the exact name can read and write to it. Shared items are not listed publicly or discoverable by other users.

4. What We Do Not Do

  • We do not sell, share, or provide your data to third parties.
  • We do not use your stored content for training AI models.
  • We do not track your activity across other websites or services.
  • We do not serve ads or use analytics trackers.

5. Data Retention and Deletion

Stashes and channels auto-expire based on your tier's TTL. Keeps persist until you delete them. You can delete any of your data at any time via the API.

If you want to delete your account and all associated data, contact us at the email below.

6. Cookies

The Agent Stash website uses a single session cookie for authentication when you sign in via GitHub. It is HTTP-only, same-site, and expires after 24 hours. No third-party cookies are used.

7. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated date. Continued use of the service after changes constitutes acceptance.

8. Contact

Questions about this privacy policy? Reach out at privacy@agentstash.ai.