Privacy Policy

Last updated: 22 June 2026

This policy explains what personal data AgentGuardian (operated by Glacien, Singapore) collects, why we collect it, and the choices you have. A core design principle of the product is data minimisation: the AgentGuardian collector runs inside your own cloud account and sends us only the metadata needed to govern your agents — never your raw logs, billing files, or model prompts and responses.

Who we are

AgentGuardian is a product of Glacien (Singapore). For the purposes of applicable data-protection law — including Singapore’s Personal Data Protection Act (PDPA) and, where it applies, the EU/UK General Data Protection Regulation (GDPR) — Glacien is the controller of the personal data described here. Contact details are at the end of this page.

What we collect

Information you give us

• Account & contact data — name, work email, company, and role when you sign up, request a demo, or contact us.
• Communications — messages you send us and support requests.
• Billing data — handled by our payment and marketplace providers (e.g. AWS Marketplace); we receive subscription and entitlement records, not full card details.

Information from your use of the product

• Operational metadata — agent identifiers, model names, token and cost figures, owners, and policy state, pushed from the in-tenant collector. This is what the platform governs.
• Service telemetry — logs, traces, and metrics about how the platform itself performs, used to keep it reliable and secure.

What we do NOT collect

• Your raw model invocation logs, prompts, responses, or full billing exports — these stay in your cloud account.

How we use data

• To provide, operate, secure, and improve the service.
• To communicate with you about your account, support, and material changes.
• To meet legal, accounting, and security obligations.
• With your consent, to send product updates you can unsubscribe from at any time.

Legal bases (GDPR)

Where the GDPR applies, we rely on: performance of a contract (providing the service), legitimate interests (securing and improving the service), consent (marketing email), and compliance with legal obligations.

Sharing

We share personal data only with service providers who process it on our behalf under contract (for example, cloud hosting and email delivery), with payment and marketplace providers to fulfil subscriptions, and where required by law. We do not sell personal data.

Retention

We keep personal data for as long as your account is active and as needed to provide the service, then for the period required to meet legal, tax, and security obligations, after which it is deleted or anonymised.

Security

We apply encryption in transit and at rest, least-privilege access, tenant isolation, and time-boxed, audited internal access. See our Security page for details.

Your rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal data, and may withdraw consent for marketing at any time. To exercise these rights, contact us at privacy@agentguardian.io.

International transfers

We may process data in countries other than your own. Where required, we use appropriate safeguards (such as standard contractual clauses) for such transfers.

Cookies

The website uses only the cookies necessary to operate and measure the site. We do not use advertising trackers.

Changes

We will update this policy as the product and our obligations evolve, and will revise the “last updated” date above.

Contact

Privacy questions: privacy@agentguardian.io. General contact: agentguardian.io/contact. Postal: Glacien, Singapore.