Privacy Policy

We’re building Agenteam5 to be the operating system for founders. That means we hold the data founders use to run their company — investor lists, deck drafts, investor updates, agent conversations. We take that responsibility seriously. This page explains exactly what we collect, why, where it lives, and how to delete it.

The 30-second summary

• We collect only what we need to run the product: your account, the founder context you give us, your agent runs, and a single anonymous-by-default analytics event for product improvement.
• We do not sell your data, ever. We do not run ad targeting. We do not share your data with marketers, brokers, or recruiters.
• You can export and delete everything from /app/settings or by emailing hello@agenteam5.com.
• We use European data centres for analytics and error reporting (PostHog EU, Sentry DE). The primary database is hosted by Neon on managed PostgreSQL. The exact region depends on where your account was created.

Who we are

Agenteam5 is operated from Israel by Alona Polak (sole proprietor at the time of publication). Contact: hello@agenteam5.com.

Postal address (data controller for GDPR purposes):
Agenteam5
P.O. Box 10212
Tel Aviv 6110102
Israel

If Agenteam5 incorporates as a company in the future this notice will be updated to reflect the legal entity.

What we collect

Account data (collected from you)

• Email address, first/last name, profile photo (via Clerk auth)
• Founder profile: stage (pitch / build / launch / scale), team size, funding status, top priorities, company name, referrer code
• Founder Brief: one-liner, problem statement, target customer, revenue, pricing, board composition — only the fields you fill in

Usage data (generated by you)

• Agent run inputs and outputs (the conversations you have with our agents)
• Wallet ledger (token credits, debits, purchases)
• Streaks, quests, backlog items, marketing plays
• Connected integrations (which providers you authorised, never the OAuth tokens themselves — those are held by Composio, see “Sub-processors”)

Technical data (collected automatically)

• IP address (used briefly for rate-limiting and abuse prevention, not retained beyond 24 hours in application logs)
• Browser type and operating system (from request headers)
• Pageview events and product-usage events via PostHog — only if you accepted the cookie banner
• Crash reports and error stack traces via Sentry (no personal data attached)

Why we collect it (legal basis under GDPR)

• Performance of contract — we need account data, founder profile, and usage data to deliver the product you signed up for.
• Legitimate interest — error reporting, abuse detection, and security monitoring (you can object via hello@agenteam5.com).
• Consent — analytics cookies (PostHog). You can withdraw consent at any time from the cookie banner or by clearing the agenteam:consententry in your browser’s local storage.
• Legal obligation — payment records (kept for taxation purposes by Polar Software, our merchant of record).

Sub-processors (who else touches your data)

We rely on a small number of vetted providers. Each is bound by their own privacy/DPA terms, linked below.

• Vercel (US) — hosting and edge delivery. Privacy.
• Neon — managed PostgreSQL. Privacy.
• Clerk— authentication and session management. Privacy.
• Anthropic— the AI model that powers our agents. Inputs and outputs are sent for inference; per the Anthropic API terms they are not used to train models. Privacy.
• PostHog(EU host: eu.i.posthog.com) — product analytics. Only loaded after consent. Privacy.
• Sentry(DE host) — error tracking. We configure it to mask form inputs. Privacy.
• Resend— transactional email (verification, receipts, lifecycle). Privacy.
• Polar Software— merchant of record for all payments. They process card data; we never see it. Privacy.
• Composio— brokers OAuth connections to third-party tools (Gmail, Slack, etc.) and holds the access tokens. Privacy.

International transfers

Some of our sub-processors are based in the United States. Where data moves outside the EEA we rely on the EU–US Data Privacy Framework (where the provider is certified) or on Standard Contractual Clauses.

How long we keep data

• Account, profile, briefs, runs — for the life of your account.
• On account deletion — permanently removed within 30 days, except where retention is required for tax (payment records) or fraud prevention (up to 7 years).
• Application logs — 24 hours.
• Error events in Sentry — 90 days.
• Analytics events in PostHog — 12 months.

Your rights

You can, at any time, ask us to:

• Access— receive a copy of all data we hold on you.
• Rectify— correct anything inaccurate.
• Erase— delete your account and all associated data.
• Port— receive your data in a machine-readable format.
• Restrict or object— pause or object to specific processing.
• Withdraw consent— for any consent-based processing, with no effect on processing that already happened.

To exercise any of these rights, email hello@agenteam5.com. We respond within 30 days. If you’re in the EU and not satisfied with our response, you can lodge a complaint with your national data protection authority.

California residents (CCPA / CPRA)

We do not sell or share personal information for cross-context behavioural advertising. We honour Global Privacy Control (GPC) signals as a valid opt-out request. To exercise your rights to know, delete, correct, or opt-out, email hello@agenteam5.com. We will not discriminate against you for exercising these rights.

Children

Agenteam5 is built for adult founders. We do not knowingly collect data from anyone under 16. If you believe we have collected data from a minor, contact us and we will delete it.

Security

We follow the practices summarised on the Security & Trust page: HTTPS everywhere, encrypted-at-rest databases, scoped API keys, principle of least privilege, vetted sub-processors, no shared admin credentials.

Changes to this policy

Material changes will be announced by email to all account holders at least 30 days before they take effect. Non-material clarifications may be made without notice; the “Last updated” date at the top will always be current.

Contact

Questions, requests, complaints: hello@agenteam5.com.