Privacy Policy

Account information. When you sign up, we collect your email address, name, and authentication identifiers from our identity provider (Clerk). If you join an organization, we store your role and team membership.

Agent and thread data. To run agents, we store the prompts you send, the messages your agents produce, tool inputs and outputs, memory entries, and sandbox execution history.

Integration credentials. When you connect a third-party service (Gmail, Slack, GitHub, etc.), we store the OAuth tokens required to call that service on your agent's behalf. Tokens are encrypted at rest and never exposed to the model.

Usage and diagnostic data. We collect logs, error reports, and usage metrics (requests, token counts, latency) so we can debug, bill, and improve the service.

We use the information we collect to:

• Provide, maintain, and improve the Cerca services.
• Execute agents, tool calls, and scheduled jobs you configure.
• Verify your identity and enforce access controls.
• Send service communications, billing notices, and security alerts.
• Detect abuse, prevent fraud, and investigate incidents.
• Comply with legal obligations.

We do not sell your data, and we do not use your prompts, messages, or agent outputs to train models — ours or anyone else's.

We share data only with the subprocessors we rely on to deliver the service:

• Cloudflare — hosting, storage, and the sandbox runtime.
• Anthropic, OpenAI, Google — LLM providers. Prompts and context you send to an agent are forwarded to the provider that serves the model you selected.
• Clerk — authentication and session management.
• Stripe — billing and payments.
• Sentry — error monitoring.

We may also disclose information when required by law, to enforce our terms, or to protect the rights and safety of our users.

Data is encrypted in transit and at rest. Integration credentials live in an isolated vault and are decrypted only at the moment of a tool call — the model never receives raw secrets.

Each agent runs in its own security boundary with scoped permissions, rate limits, and budget caps. Agents can require human approval for sensitive tool calls, and we keep a full audit trail of every tool invocation.

We retain your data for as long as your account is active and as needed to provide the service. You can delete threads, memory entries, and connections at any time from the console. When you close your account we delete your data within 30 days, except where we are required to retain it for legal or compliance reasons.

Depending on where you live, you may have the right to access, correct, export, or delete the personal information we hold about you, and to object to or restrict certain processing.

To exercise any of these rights, email privacy@cerca.dev. We will respond within the timeframe required by applicable law.

Cerca is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, contact us and we will delete it.

We may update this policy from time to time. When we do, we will revise the "last updated" date at the top of this page and, for material changes, notify you through the service or by email.

Questions about this policy? Email privacy@cerca.dev.