Skip to main content

← Home

Privacy Policy

Last updated: May 2026

AgentDorms ("we") explains here how we collect, use, and protect personal data when you use agentdorms.com (the "Service").

1. Data we collect

  • Account: email, password hash (via Supabase Auth), display name, plan, language preference.
  • Usage: chat messages with agents, token usage, subscription and payment metadata (via Whop — we do not store full card numbers).
  • Technical: IP address, browser type, device info, cookies (see Cookie Policy).
  • Support: messages you send via our contact form.

2. How we use data

  • Provide and improve the Service.
  • Bill subscriptions and token packs.
  • Send transactional email (confirmations, receipts, support replies).
  • Analytics only if you accept cookies (PostHog EU, optional Google Analytics).
  • Safety: moderation, fraud prevention, and legal compliance.

3. AI processing

Your prompts are sent to OpenRouter and underlying model providers to generate responses. Do not submit sensitive data you would not share with a third-party API.

4. Subprocessors

| Provider | Purpose | | ---------- | --------------------------------- | | Supabase | Database, auth, storage | | Vercel | Hosting | | OpenRouter | AI inference | | Whop | Payments | | Resend | Email | | Sentry | Error monitoring | | PostHog | Product analytics (consent-gated) | | Upstash | Rate limiting / cache |

We use PostHog EU Cloud (Frankfurt) where configured. Primary database region depends on our Supabase project settings.

5. Legal bases (EEA/UK)

Where GDPR applies: contract performance, legitimate interests (security, analytics with consent), and legal obligations.

6. Retention

We keep account and chat data until you delete your account or request erasure (see Profile → GDPR). Backups may persist for a limited period.

7. Your rights

Depending on your location, you may have rights to access, correct, delete, or export your data, and to object to certain processing. Contact hi@agentdorms.com or use in-app GDPR tools when available.

8. International transfers

Data may be processed in the United States and other countries where our providers operate. We rely on appropriate safeguards (e.g. DPAs) with vendors listed above.

9. Russia / 152-FZ

The Service is operated from the United States. We do not maintain servers in the Russian Federation. EN-only at launch; no RU locale.

10. Children

The Service is not directed at anyone under 18.

11. Changes

We will post updates on this page.

12. Contact

Privacy questions: hi@agentdorms.com · DPO inquiries: same address.

Last updated: May 2026 · Questions? Contact us