Privacy Policy

1. Introduction

Agent22 is a product and brand owned by ByteCrafters ("we", "our", or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Agent22 software-as-a-service platform at https://agent22.sh (the "Service").

Please read this policy carefully. If you disagree with its terms, please discontinue use of the Service.

We comply with applicable privacy laws including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Personal Information Protection and Electronic Documents Act (PIPEDA).

2. Information We Collect

2.1 Information You Provide

When you create an account or use our Service, we may collect:

• Full name and email address
• Account login credentials (passwords are stored in encrypted form)
• Payment and billing information (processed securely via Stripe)

2.2 Information Collected Automatically

When you access the Service, we automatically collect certain usage and analytics data, including:

• Pages visited, features used, and actions taken within the platform
• Device type, browser type, operating system, and IP address
• Session duration, click patterns, and performance data

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience, analyse usage patterns, and support the functionality of the Service. You can control cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To create and manage your account and provide the Service
• To process payments and manage billing through Stripe
• To improve, personalise, and expand our Service
• To monitor and analyse usage and performance trends
• To communicate with you, including sending service-related notices and updates
• To detect, prevent, and address technical issues, fraud, or security incidents
• To comply with legal obligations under GDPR, CCPA, PIPEDA, and other applicable laws

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, our legal basis for collecting and using your personal information depends on the data concerned and the context:

• Contract: Processing necessary to perform our contract with you (e.g., providing the Service, processing payments)
• Legitimate Interests: Processing for our legitimate business interests, such as improving the Service and preventing fraud
• Legal Obligation: Processing required to comply with a legal obligation
• Consent: Where you have given us explicit consent (e.g., for non-essential cookies)

5. Sharing Your Information

We do not sell your personal information. We may share your information only with trusted third-party service providers who assist us in operating the Service, subject to confidentiality obligations. These include:

• Stripe — for secure payment processing (see Stripe's Privacy Policy)
• Hosting and infrastructure providers
• Analytics providers to help us understand how our Service is used

All service providers are contractually required to handle your data securely and only for the purposes we specify.

6. Data Retention

We retain your personal information for as long as your account remains active. When you close your account, we will delete or anonymise your personal data, unless we are required to retain it by law (for example, for tax, accounting, or legal compliance purposes).

Usage and analytics data may be retained in aggregated, anonymised form after account closure.

7. Your Privacy Rights

7.1 GDPR Rights (EEA and UK Users)

If you are located in the EEA or UK, you have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate or incomplete data
• Request erasure of your personal data ("right to be forgotten")
• Object to or restrict our processing of your data
• Data portability — receive your data in a structured, machine-readable format
• Lodge a complaint with your local data protection authority

7.2 CCPA Rights (California Residents)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, disclose, or sell
• Request deletion of your personal information
• Opt out of the sale of your personal information (we do not sell personal information)
• Non-discrimination for exercising your CCPA rights

7.3 PIPEDA Rights (Canadian Users)

If you are located in Canada, you have the right to access your personal information and challenge its accuracy. You may also withdraw consent for certain uses, subject to legal or contractual restrictions.

To exercise any of these rights, please contact us at [email protected].

8. Data Security

We implement industry-standard technical and organisational security measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. Payment data is handled exclusively by Stripe and is never stored on our servers.

No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Agent22 is hosted and operated within the United Kingdom and the European Union. For users located in the EEA or UK, your data is processed within these regions and benefits from the protections afforded by GDPR and UK GDPR without requiring cross-border transfer mechanisms.

For users located outside the EEA or UK (including users in Canada and the United States), your information will be transferred to and processed in the UK and/or EU. Both jurisdictions maintain high standards of data protection. Where required, we rely on appropriate safeguards — such as Standard Contractual Clauses or adequacy decisions — to ensure your data is protected in accordance with applicable law.

10. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us and we will promptly delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date above. Where required by law, we will obtain your consent before making material changes. We encourage you to review this policy periodically.