Policy v2.4.0

PRIVACY
PROTOCOL.

AgentFramer is built on the principle that trust is infrastructure. This document defines how we handle the data that flows through our MCP-native generation platform: what we collect, why we collect it, and the controls you hold as a data subject.

01

System Overview

AgentFramer operates as an MCP-native proxy layer between AI agents and generation providers. Data trust is foundational to this architecture. When your agent dispatches a tool call, we act as a stateful intermediary. We handle authentication, route the job, and return the asset URL. We do not train models on your generations or prompts.

02

Data We Collect

Account Information
EMAIL_IDLEGAL_NAMEBILLING_ADDRESS

Collected at registration and used for authentication, billing, and communication.

Usage Metadata
MCP_TOOL_CALL_LOGSGENERATION_HISTORYCREDIT_LEDGER

Telemetry from every agent interaction, used for service reliability and credit accounting.

lock
Media Outputs
Generated images, video clips, and audio files are stored in encrypted object storage. Asset URLs are signed and time-limited. We do not republish or redistribute your generated content.
03

How We Use Data

#01
Service Optimization
We use generation metadata to improve job routing, model selection defaults, and latency across the MCP bridge.
#02
Credit Management
Usage logs are the source of truth for your credit ledger. Every tool call is accounted for transparently.
#03
Fraud Synthesis
Anomaly detection on usage patterns helps us protect all accounts from abuse and unauthorized access.
04

Data Sharing

To fulfil generation requests, we transmit prompt data and configuration to third-party model providers. We work with trusted service providers bound by data processing agreements. Legal disclosures may occur when required by valid legal process.

OPENAI_GPT4ANTHROPIC_CLAUDESTABILITY_AIELEVENLABSRUNWAY_ML
verifiedWe do not sell your personal information to any third party.
05

Security Standards

shield_lockTransit Encryption

All data in transit is encrypted using TLS 1.3. MCP connections use mutual TLS where supported.

encryptedRest Encryption

Stored assets and credentials are encrypted at rest using AES-256. Access is audited and role-gated.

SOC2_TYPE_IIAES_256_RESTTLS_1.3_TRANSITRBAC_ACCESS
06

Subject Rights + Contact

Subject Rights

You hold data sovereignty over your account. You may access, correct, export, or delete your data at any time. Requests are fulfilled within 30 days.

  • check_circleAccess and download your data
  • check_circleCorrect inaccurate information
  • check_circleDelete your account and data
  • check_circleOpt out of marketing communications
  • check_circleExport generated assets and history
  • check_circleRequest data processing information
Help Centerarrow_forward
Contact

Privacy questions, data requests, or regulatory inquiries can be directed to our legal team.

legal@agentframer.com