AgentsUp AI

Privacy Policy

Effective date: 17 May 2025

Welcome to AgentsUp.ai, a product of Distack Solutions (SMC) PVT. LTD. (collectively, "AgentsUp," "we," "our," or "us"). Your privacy is important to us. This Privacy Policy explains what personal data we collect, how we use it, and the rights and choices you have.

1. Scope

This Policy applies to data collected through our website, web app, APIs, and any related mobile or desktop applications (collectively the "Services"). It does not cover third‑party websites or services that may be linked from our platform.

Payment Processing Notice: Our order process is conducted by our online reseller Paddle.com. Paddle.com is the Merchant of Record for all our orders. Paddle provides all customer service inquiries and handles returns. This Privacy Policy covers data we collect directly; Paddle's processing of payment data is governed by their privacy policy available at https://paddle.com/privacy.

2. Data We Collect

Personal Data We Collect Directly:

  • Account Information: Name, email address, password hash, workspace name, and profile information
  • User Content: Text, files, prompts, embeddings, and other data you upload or generate while using the Services
  • Usage Data: Log files, API calls, agent execution metadata, IP address, browser type, timestamp, and referral URLs
  • Communication Data: Support inquiries, feedback, and correspondence with us

Payment & Billing Data:

  • Payment Processing: All payment information (credit card details, billing addresses, transaction data) is collected and processed directly by Paddle.com, our payment processor and Merchant of Record
  • Billing Metadata: We receive limited billing information from Paddle including subscription status, plan type, and general transaction success/failure notifications
  • Tax Information: Paddle handles all tax collection and remittance requirements globally

Technical Data:

  • Cookies & Similar Technologies: Session cookies and analytics pixels (see Section 7)
  • Device Information: Browser type, operating system, device identifiers
  • Performance Data: Error logs, crash reports, and application performance metrics

3. How We Use Your Data

We use personal data to:

  • Provide, maintain, and improve the Services and AI agents
  • Authenticate users and secure accounts
  • Manage your subscription and account status (in coordination with Paddle)
  • Respond to support inquiries and communicate service updates
  • Conduct analytics and crash reporting to enhance performance
  • Send important service notifications and subscription-related communications
  • Comply with legal obligations and enforce our Terms of Service
  • Detect and prevent fraud, abuse, or security incidents

Marketing Communications:

We will only send you marketing emails if you explicitly opt-in during registration or through your account settings. You can unsubscribe at any time using the link in any marketing email.

4. Legal Basis for Processing (EEA & UK Users)

Under GDPR, we process data under the following legal bases:

  • Contract: To deliver the Services you request and manage your subscription
  • Legitimate Interests: For security, analytics, product improvements, and fraud prevention
  • Consent: For optional marketing communications and non-essential cookies
  • Legal Obligation: To meet compliance, tax, and regulatory requirements

5. Data Sharing & Disclosure

We never sell your personal data. We may share it with:

Service Providers:

  • Cloud Infrastructure: AWS for hosting and data storage
  • Vector Databases: Qdrant Cloud for AI embeddings storage
  • Payment Processing: Paddle.com for all payment transactions and subscription management
  • Email Services: Postmark for transactional and service emails
  • Analytics: Plausible for privacy-focused website analytics
  • Error Monitoring: Sentry for application performance monitoring

AI Service Providers:

When you use our AI agents, your prompts and relevant context may be sent to:

  • OpenAI (GPT models)
  • Anthropic (Claude models)
  • Google (Gemini models)
  • Other AI providers as we add new models

This data is sent solely to fulfill your requests and is subject to these providers' privacy policies.

Legal & Safety Disclosures:

  • Authorities when required by law or to protect rights, property, or safety
  • Legal proceedings, court orders, or regulatory investigations
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with advance notice)

6. Data Retention

We retain personal data only as long as necessary for the purposes outlined in this Policy:

  • Account Data: Retained while your account is active and for up to 2 years after deletion for legal compliance
  • User Content: Retained until you delete it or close your account
  • Usage Logs: Retained for up to 12 months for security and analytics purposes
  • Payment Data: Billing metadata retained for 7 years for tax and accounting purposes (full payment data is retained by Paddle per their policies)

You can delete your User Content at any time through your dashboard. Account deletion requests can be made through your settings or by contacting support.

7. Cookies & Tracking Technologies

We use:

  • Essential Cookies: Required for authentication, security, and core functionality
  • Analytics Cookies: Plausible Analytics (privacy-focused, no personal data tracking)
  • Performance Cookies: For error monitoring and service optimization

You can manage cookie preferences in your browser settings. Disabling essential cookies may affect core functionality.

Cookie Consent: For users in the EU/UK, we obtain explicit consent before setting non-essential cookies. You can withdraw consent at any time through your browser settings.

8. Security Practices

We implement industry-standard security measures:

  • Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
  • Access Controls: Role-based permissions and least-privilege access
  • Infrastructure Security: Regular security audits and penetration testing
  • Monitoring: 24/7 security monitoring and incident response procedures
  • Payment Security: All payment processing handled by PCI DSS Level 1 certified Paddle

While no system is 100% secure, we continuously invest in protecting your data.

9. International Data Transfers

We are headquartered in Pakistan and use global cloud infrastructure. Personal data may be transferred to and processed in:

  • United States (AWS, Paddle.com)
  • European Union (various service providers)
  • Other countries where our service providers operate

For EEA/UK users, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable
  • Other appropriate safeguards as required by GDPR

Paddle Processing: Paddle.com processes payment data globally and maintains appropriate safeguards for international transfers.

10. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights:

All Users:

  • Access: Request information about how we process your data
  • Correction: Update or correct inaccurate personal data
  • Deletion: Request deletion of your personal data (subject to legal requirements)
  • Opt-out: Unsubscribe from marketing communications

EEA/UK Users (GDPR Rights):

  • Data Portability: Receive your data in a machine-readable format
  • Restrict Processing: Limit how we process your data
  • Object to Processing: Object to processing based on legitimate interests
  • Withdraw Consent: For processing based on consent
  • Lodge Complaints: With your local data protection authority

California Users (CCPA Rights):

  • Know: What personal information we collect and how it's used
  • Delete: Request deletion of personal information
  • Opt-out: Of sale of personal information (note: we don't sell personal data)
  • Non-discrimination: Equal service regardless of privacy choices

Exercising Rights: To exercise these rights, contact us at privacy@agentsup.ai or through your account settings. We will respond within 30 days (or as required by local law).

Payment Data Rights: For rights related to payment and billing data, contact Paddle directly as they are the data controller for payment processing.

11. Children's Privacy

Our Services are not directed at children under 16 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately for deletion.

12. Complaint Resolution

If you have concerns about our privacy practices:

  1. Contact Us First: Email privacy@agentsup.ai - we respond within 48 hours
  2. Expected Resolution Time: Most privacy concerns resolved within 7 business days
  3. Escalation: If unsatisfied, you may contact your local data protection authority
  4. EU Users: You may lodge complaints with your national Data Protection Authority
  5. Payment Issues: Contact Paddle.com directly for payment-related privacy concerns

13. Third-Party Services

Paddle Payment Processing:

Paddle.com serves as our Merchant of Record and payment processor. When you make a purchase:

  • Paddle collects and processes all payment information
  • Paddle handles customer service for payment-related inquiries
  • Paddle manages refunds and returns
  • Paddle's privacy policy governs their data processing: https://paddle.com/privacy

AI Model Providers:

When using our AI agents, your data may be processed by third-party AI providers. Each has their own privacy practices:

14. Data Protection Officer

For privacy-related inquiries, our Data Protection contact is:

  • Email: privacy@agentsup.ai
  • Response Time: Within 48 hours for initial response
  • Postal Address: Distack Solutions SMC PVT LTD,

    Plot 8A 35-D Korangi 5, 74900 Karachi Sindh, Pakistan

15. Changes to This Policy

We may update this Privacy Policy to reflect:

  • Changes in our services or business practices
  • New legal requirements
  • Enhanced privacy protections

Notification of Changes:

  • Material changes: 30 days advance notice via email and prominent website notice
  • Minor updates: Posted with updated effective date
  • Continued use after effective date constitutes acceptance

16. Contact Information

General Privacy Questions:

Payment & Billing Privacy:

  • Contact Paddle.com directly through their support channels
  • For payment-related privacy concerns

Postal Address:

Distack Solutions SMC PVT LTD
Plot 8A 35-D Korangi 5, 74900 Karachi Sindh, Pakistan

Business Hours:

Monday-Friday, 9 AM - 5 PM PKT