← Back to Deploy Agents Inc

Privacy Policy

Last updated: April 22, 2026

Who We Are

Deploy Agents Inc ("we", "us", "our") provides AI-powered managing agent services for small businesses (BusinessOS) and consumers (HumanOS). This policy explains how we collect, use, and protect your information, and the rights you have under the EU General Data Protection Regulation (GDPR) and the Thailand Personal Data Protection Act (PDPA).

The data controller is Deploy Agents Inc. For privacy matters, contact privacy@deployagentsinc.com.

Information We Collect

• Account information: Your name, business name, email address, phone number, and messaging platform identifiers (WhatsApp, Line, Telegram).
• Messages: Conversations between you and your AI managing agent, used to provide and improve the service.
• Business data: Information you provide about your business operations, such as services, pricing, hours, and staff details.
• Payment information: Processed securely through Stripe. We do not store credit card numbers.
• Usage data: How you interact with our service, including message volume and feature usage.

How We Use Your Information

• To provide, operate, and maintain your AI managing agent.
• To process transactions and send billing-related communications.
• To respond to your requests and provide customer support.
• To improve and develop our services.
• To comply with legal obligations.

Data Sharing

We do not sell your personal information. We share data only with:

• Service providers: Anthropic (AI processing), Stripe (payments), Supabase (data storage), and messaging platforms (WhatsApp/Meta, Line, Telegram) as necessary to deliver the service.
• Legal requirements: When required by law or to protect our rights.

Data Security

We use industry-standard security measures to protect your information, including encryption in transit and at rest. Access to data is restricted to authorized personnel only.

Lawful Basis for Processing

• Contract: Delivering the managing agent service you signed up for.
• Legitimate interest: Operational metrics, fraud prevention, service improvement — always balanced against your rights.
• Consent: Optional features such as long-term health logging (HumanOS) or WhatsApp marketing messages. You may withdraw consent at any time.
• Legal obligation: Tax records, audit trails, and GDPR request logs.

International Data Transfers

Your data is stored in Supabase (Singapore region, AWS ap-southeast-1). AI inference is performed by Anthropic (US). Payment processing is performed by Stripe (US/EU). Messaging platform data flows through WhatsApp/Meta (US), LINE (Japan), and Telegram (various). These providers rely on Standard Contractual Clauses or equivalent safeguards for international transfers.

Data Retention

We keep personal data only as long as necessary. Specific periods:

• Conversation messages: 90 days by default. Clients may opt to retain longer.
• Prospect conversations: 12 months from last contact, then deleted.
• Raw event logs: 24 months, then rolled into aggregate metrics and pruned.
• Aggregate metrics (no PII): 10 years for business records.
• Health, medication, and sleep logs (HumanOS): 2–5 years depending on type, or as long as you keep the feature enabled.
• Legacy Vault messages (HumanOS): Up to 100 years — by design, as the feature is intended to outlive the user.
• GDPR request records: 7 years (legal obligation).
• Sales pipeline records: 7 years after last activity.

Your Rights

Under GDPR and PDPA, you have the right to:

• Access: Request a copy of the data we hold about you.
• Rectification: Correct inaccurate or incomplete data.
• Erasure ("right to be forgotten"): Request deletion of your data, subject to legal retention obligations.
• Portability: Receive your data in a machine-readable format (JSON).
• Restriction or objection: Limit or object to certain processing, including legitimate-interest processing.
• Withdraw consent: Where processing is based on consent, you can withdraw it at any time.
• Lodge a complaint: With your local supervisory authority (e.g., PDPC Thailand, your EU member state DPA).

To exercise any of these rights, email privacy@deployagentsinc.com. We respond within 30 days. There is no charge for reasonable requests.

Messaging Platforms

Our service operates through WhatsApp, Line, and Telegram. Your use of these platforms is also subject to their respective privacy policies. We receive and process messages sent to your business through these platforms to provide AI managing agent services.

Changes to This Policy

We may update this policy from time to time. We will notify you of any material changes by posting the updated policy on this page.

Contact Us

Privacy matters, GDPR/PDPA requests, and data-subject rights:
privacy@deployagentsinc.com

General questions:
hello@deployagentsinc.com
WhatsApp