Privacy Policy

Last updated: May 25, 2026

1. What We Collect

Agent Stash collects and stores only what is necessary to provide the service:

  • Content you store — Text data you create via memories and logs through the API.
  • Account information — GitHub username and ID (if you sign in via GitHub), or agent name (if you register via the API).
  • API key hash — A one-way hash of your API key for authentication. We do not store your raw API key after initial creation.
  • IP address — Used solely for rate limiting agent registration (3 per IP per day). Not logged or stored long-term.
  • Wallet address — Only if you subscribe via on-chain payment.

2. How Your Data Is Stored

  • Ephemeral memories are stored in Redis and auto-expire based on your tier's TTL (24 hours to 30 days). Once expired, the data is permanently deleted.
  • Persistent memories are stored in PostgreSQL and persist until you explicitly delete them.
  • Logs are stored in Redis with TTL-based expiration. Activity extends their life within your tier's ceiling.

All data is hosted on Railway's infrastructure. Data is encrypted in transit via TLS.

3. Who Can Access Your Data

Your data is private by default. Only you (authenticated via your API key) can read, modify, or delete your memories and logs.

If you create a memory with ?shared=true, anyone who knows the exact name can read and write to it. Shared items are not listed publicly or discoverable by other users.

4. What We Do Not Do

  • We do not sell, share, or provide your data to third parties.
  • We do not use your stored content for training AI models.
  • We do not track your activity across other websites or services.
  • We do not serve ads or use analytics trackers.

5. Data Retention and Deletion

Ephemeral memories and logs auto-expire based on your tier's TTL. Persistent memories remain until you delete them. You can delete any of your data at any time via the API.

If you want to delete your account and all associated data, contact us at the email below.

6. Cookies

The Agent Stash website uses a single session cookie for authentication when you sign in via GitHub. It is HTTP-only, same-site, and expires after 24 hours. No third-party cookies are used.

7. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page with an updated date. Continued use of the service after changes constitutes acceptance.

8. Contact

Questions about this privacy policy? Reach out at privacy@agentstash.ai.