1. What we collect about you
From your OAuth provider when you sign in
- Your provider user id (GitHub user id or Google sub), name, and primary verified email. We use the id for account lookup, the email for notifications and audit, and the name for the dashboard greeting.
- We do not request scopes beyond read:user/email. We can't read your repos, your Gmail, your contacts, or anything else from the provider.
From your use of the service
- The instances you've created (agent type, model, region, status, timestamps) so the dashboard and CLI can list them.
- Model provider API keys you supply when creating an instance. Stored encrypted at rest with AES-256-GCM in our database; decrypted only to inject as an environment variable into your microVM.
- API token metadata (name, sha256 hash, prefix, created/last-used timestamps). Token plaintext is never stored — we hash it on mint and discard the original.
- Coarse-grained request logs (HTTP method, path, status, timestamp, token prefix) for security and abuse investigation. Retained 30 days then deleted.
What we deliberately do not collect
- Your prompts. When an agent calls an LLM, the request goes from your microVM directly to the model provider. We never see it.
- Your agent's file contents. Files written by the agent live on the per-instance Fly Volume, encrypted at rest. Our database stores only the instance row, not the volume contents.
- Container stdout/stderr beyond Fly's buffer. When you run gentity compute logs, we proxy whatever Fly currently holds in its short-term log buffer. We don't persist a copy.
- Analytics SDKs, ad pixels, third-party trackers. The landing page and dashboard ship no marketing analytics today. (If we add product analytics later, we'll update this section and announce it.)
2. Who else sees what
Running a Gentity instance touches a few third-party services. Each sees only the slice it strictly needs:
| Provider | Role | What they see |
|---|---|---|
| Fly.io | Compute + storage | Your microVM, its volume, its outbound HTTPS traffic. They have access to the underlying host but not to your encrypted volumes while at rest. |
| Cloudflare | DNS | Per-instance subdomain records. No request bodies (TLS terminates at Fly's edge). |
| GitHub / Google | OAuth identity | Whether you signed in (they don't see what you did afterwards). |
| Anthropic / OpenAI / OpenRouter / etc. | Model inference | Your prompts and completions — sent directly from your agent in your microVM, never proxied through us. Their privacy policy applies. |
| Stripe | Payments (when billing ships) | Payment instrument, billing address, transaction history. Gentity sees enough to invoice (last 4 digits, brand) but never the full card number. |
| Postmark / Resend | Transactional email | Your email address and the message body of the email we send to you (receipts, security alerts, account notifications). |
We don't sell your data, don't share it with advertisers, and don't use it to train models.
3. Cookies
We set one cookie: the Better Auth session cookie that keeps you signed in. It is HttpOnly; Secure; SameSite=Lax and rolls every session. We don't set tracking cookies and don't embed third-party cookies on the dashboard or landing page.
4. Your rights
Depending on where you live, you may have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data.
- Delete your account and associated data.
- Export your data in a portable format.
- Object to processing.
To exercise any of these, email hello@gentity.ai from the address on your account. We respond within 30 days.
5. Data location and retention
Volumes are pinned to the region you created them in. Today the default is iad (US East). The control-plane database (Postgres) is hosted on Fly in the same region.
Retention timelines:
- Account record: kept while the account is active. Deleted within 30 days of an account-deletion request.
- Instance records: kept while the instance exists. Deleted within 7 days of compute delete.
- Encrypted model provider keys: kept while at least one instance using them exists. Re-encrypted (key rotation) periodically.
- API tokens: kept until you revoke them. Revoked tokens are soft-deleted (kept with revokedAt) for audit; cleared after 90 days.
- Request logs: 30 days.
- Backups: rolling 90 days, then deleted.
6. Children
Gentity is not directed at children. Don't use it if you're under 13 (or the digital-consent age where you live, whichever is higher). If we learn we've collected data from a child below that age, we delete it.
7. Changes to this policy
We'll post material changes with a new “Last updated” date and, when they materially affect your rights, notify the email on file at least 14 days ahead.
8. Contact
ROOTTEAM, Inc. · hello@gentity.ai · For security disclosures, please use security@gentity.ai.