Legal

Privacy Policy

Effective date: March 20, 2026

myagents ("we", "us", "our") operates the myagents service at https://myagents.sh and provides identity and credential management infrastructure for AI agents. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information we collect

Account information. When you sign up, we collect your email address. If you sign in via Google or GitHub, we receive your email and name from that provider.

Agent configuration. We store the agent profiles you create: names, descriptions, instructions, and integration metadata (provider names, display values, environment variable names). Credential secrets are stored encrypted in Supabase Vault and are never stored in plaintext.

Usage data. We log activity events such as CLI session creation, credential access, and agent updates. These logs include timestamps, event types, and the source (CLI or dashboard).

Technical data. Standard server logs including IP addresses and request metadata, used solely for security and debugging.

2. How we use your information

  • To provide and operate the myagents service
  • To authenticate you and secure your account
  • To deliver credentials to your AI agents via authenticated CLI sessions
  • To show you your own activity logs in the dashboard
  • To detect abuse and enforce rate limits
  • To send transactional emails (login codes, important notices)

We do not sell your data. We do not use your data for advertising.

3. Credential storage

API keys and secrets you store in myagents are encrypted at rest using Supabase Vault. Raw secrets are only decrypted server-side when an authenticated CLI session requests them. They are never returned from public API endpoints, never logged, and never stored in plaintext in our database. Your credentials are your data — we only hold them as an encrypted store on your behalf.

4. Third-party services

We use the following sub-processors to operate the service:

  • Supabase — database, authentication, and encrypted vault storage
  • Vercel — hosting and deployment
  • Google / GitHub — OAuth sign-in (only if you use that sign-in method)

Each of these services has their own privacy policy. We do not share your data with any other third parties.

5. Data retention

Your data is retained for as long as your account is active. Activity logs are retained according to the plan limits shown in your dashboard (7 days on Free, 90 days on Developer, 1 year on Startup). When you delete your account, all your data — agents, integrations, credentials, and logs — is permanently deleted.

6. Your rights

You can at any time:

  • Export your agent configurations from the dashboard
  • Delete individual credentials, agents, or integrations
  • Delete your entire account and all associated data from Settings → Delete account
  • Request a copy of your data by emailing us

7. Cookies

We use session cookies for authentication (managed by Supabase Auth). We do not use tracking cookies or third-party advertising cookies.

8. Children

myagents is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has created an account, contact us and we will delete it.

9. Changes to this policy

We may update this policy as the service evolves. We will update the effective date at the top of this page and, for material changes, notify you by email.

10. Contact

Questions about this policy or your data: hello@myagents.sh

© 2026 myagentsTerms of Service →