Privacy Policy

Last updated: June 2026  ·  Contact: contact@agentguard.it.com

Short version: AgentGuard collects AI usage metadata from your company's devices to power activity monitoring and audit logs. We store data on EU servers, never sell it to third parties, and give you full control under GDPR.

1. Who We Are

AgentGuard is operated by Noah Goerg. For privacy-related questions, contact us at contact@agentguard.it.com.

2. What Data We Collect

Chrome Extension — How It Works

The AgentGuard Chrome extension requests access to all websites (<all_urls>) solely to check each page's hostname against a fixed list of approximately 45 known AI tool domains (e.g. chatgpt.com, claude.ai, gemini.google.com). For any website that is not on this list, the extension removes itself immediately at page load and takes no further action. No data from non-AI websites is read, stored, or transmitted.

The extension only transmits data to AgentGuard servers after a company administrator has entered a valid company code. Without a company code, the extension operates in a fully local, offline mode — events are stored only in the browser's local storage and never sent externally. Employees can verify or remove the company code at any time via the extension popup.

Data Categories Collected

When a company code is configured, the following data is collected from the employee's device:

We do not collect: message content, prompt text, uploaded file contents, browsing history outside AI tool domains, or any biometric data.

3. How Data Is Stored

All data is stored using Supabase (supabase.com), hosted on servers located in the EU (North EU — Stockholm, Sweden). Data is protected by:

4. Data Retention

Event logs are retained for 12 months from the date of collection. After this period, records are automatically deleted. You may request earlier deletion at any time by contacting contact@agentguard.it.com.

5. How We Use Your Data

Data is used solely for the following purposes:

6. Data Sharing

We do not sell, rent, or share your data with any third parties for advertising or marketing purposes. The only sub-processors involved are:

7. Your Rights Under GDPR

As a data subject under the General Data Protection Regulation (GDPR), you have the following rights:

To exercise any of these rights, contact us at contact@agentguard.it.com. We will respond within 30 days.

8. Chrome Extension Permissions

The AgentGuard Chrome extension requests the following browser permissions and uses them exclusively as described:

The extension does not inject scripts into banking, health, or any other sensitive websites. It does not read, transmit, or store the content of any web page.

9. Cookies

The AgentGuard dashboard uses session cookies only to keep you logged in during your browser session. We do not use tracking cookies, advertising cookies, or any third-party analytics scripts. Session cookies are deleted when you close your browser or log out.

The AgentGuard landing page uses localStorage to remember your cookie consent preference. No persistent tracking identifiers are set.

10. Legal Basis for Processing

We process data under the following legal bases as defined in GDPR Article 6:

11. Changes to This Policy

We may update this privacy policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of AgentGuard after a policy update constitutes acceptance of the revised terms.

12. Contact

For any privacy-related inquiries, data subject requests, or complaints, contact:
Noah Goergcontact@agentguard.it.com