Gateway Back home

Privacy Policy

Last updated: June 19, 2026

This Privacy Policy explains how Agent Tool Gateway ("we", "us", the "Service") collects, uses, and safeguards information when you use our website and API. By using the Service you agree to this policy.

Information we collect

  • Account data: your email address and an encrypted password hash, managed through our authentication provider (Supabase).
  • API keys: we store only a one-way hash of each key, never the plaintext. You see a key's full value once at creation.
  • Usage data: records of tool calls (tool name, timestamp, credits used, success/failure, execution time) for billing, abuse prevention, and showing you your own usage.
  • Tool inputs & outputs: content you (or your agent) submit to a tool — e.g. a URL, document, or text — is processed to fulfill the request. Some results (such as generated audio or reports) are stored so you can retrieve them; subtitle/metadata results may be cached transiently to improve speed.
  • Payment data: subscriptions are processed by our payment provider (Dodo Payments). We do not store your full card details; we retain the subscription status and identifiers needed to manage your plan and credits.

How we use information

  • To provide, operate, and secure the Service.
  • To authenticate requests and meter credit usage.
  • To detect, prevent, and investigate abuse, fraud, or rate-limit violations.
  • To process payments and manage your subscription.
  • To communicate with you about your account or material changes to the Service.

Third-party processors

We rely on trusted subprocessors to run the Service, including hosting and authentication (Supabase, Vercel), payments (Dodo Payments), and the upstream APIs/models a given tool depends on (for example, large-language-model providers for summarization tools). Tool inputs are shared with the relevant provider only as needed to fulfill your request.

Data retention

We keep account, usage, and transaction records for as long as your account is active and as needed for legal, accounting, and abuse-prevention purposes. Cached tool results expire automatically. You may request deletion of your account and associated data (see Contact).

Security

We protect data in transit with TLS, store API keys only as hashes, enforce row-level access controls so you can only access your own data, and apply rate limits and authentication on all endpoints. No method of transmission or storage is perfectly secure, but we work to protect your information.

Your rights

Depending on your location, you may have rights to access, correct, export, or delete your personal data. To exercise them, contact us.

Children

The Service is not directed to children under 13 and we do not knowingly collect their data.

Changes

We may update this policy; material changes will be reflected by the "Last updated" date above and, where appropriate, a notice in the Service.

Contact

Questions or data requests: kennyfarmer100@gmail.com.