Privacy Policy

Last updated: 2026-06-06 · Service: agents.biab.cloud

Template — review before launch. This page captures the privacy commitments specific to the AI agent platform at agents.biab.cloud. Have a lawyer or a service like Termly review before treating it as binding.

1. Who runs this service

agents.biab.cloud is operated by the same legal entity as biab.cloud (the "Platform"). Contact for privacy questions: privacy@biab.cloud.

2. What data we hold about you

3. What we do NOT do

4. Third-party processors (sub-processors)

We use a small number of services to run agents.biab.cloud. The complete list — what they process and where they're located — is at /legal/sub-processors.html. By far the most relevant: the LLM provider you yourself select. When you submit a prompt to an agent, that prompt + the surrounding code context leaves our infrastructure and goes to OpenRouter or your Ollama endpoint, governed by their privacy policy.

5. Your rights (GDPR / similar)

6. How long we keep your data

Active accounts: for as long as the account is active. Deleted accounts: immediately wiped, except the deletion_history row (username + email + timestamp) which is retained for 12 months to enforce the abuse cooldown and detect repeat misuse. Operational logs: 30 days.

7. Where your data lives

All workloads and storage run on dedicated infrastructure in Germany (Hetzner, Falkenstein). We do not replicate data outside the EU.

8. Security

All connections are TLS-encrypted. Per-user secrets (LLM keys, etc.) are stored as SOPS-encrypted manifests in our gitops repo with the private decryption key kept off-cluster in two off-line locations. See our security policy for details.

9. Changes to this policy

We'll post material changes to this page with a new "Last updated" date. For account-bound changes (e.g. a new sub-processor) we'll email you at least 30 days in advance.

← Back to agents.biab.cloud