Privacy Policy

Account information. When you sign up, we collect your email address, name, and authentication identifiers from our identity provider (Clerk). If you join an organization, we store your role and team membership.

Agent and thread data. To run agents, we store the prompts you send, the messages your agents produce, tool inputs and outputs, memory entries, and sandbox execution history.

Integration credentials. When you connect a third-party service (Gmail, Slack, GitHub, etc.), we store the OAuth tokens required to call that service on your agent's behalf. Tokens are encrypted at rest and never exposed to the model.

Google user data. If you connect Google services, we may process the Google account information and Google Workspace data you authorize, including profile details, email messages, drafts, labels, attachments, calendar events, and Drive file metadata or content. We access this data only for the tools, agents, and workflows you configure.

Usage and diagnostic data. We collect logs, error reports, and usage metrics (requests, token counts, latency) so we can debug, bill, and improve the service.

We use the information we collect to:

• Provide, maintain, and improve the Cerca services.
• Execute agents, tool calls, and scheduled jobs you configure.
• Verify your identity and enforce access controls.
• Send service communications, billing notices, and security alerts.
• Call Google APIs and other connected services on your behalf when an authorized tool or agent action requires it.
• Detect abuse, prevent fraud, and investigate incidents.
• Comply with legal obligations.

We do not sell your data, and we do not use your prompts, messages, or agent outputs to train models — ours or anyone else's.

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising, credit decisions, resale, or training generalized AI models.

We share data only with the subprocessors we rely on to deliver the service:

• Cloudflare — hosting, storage, and the sandbox runtime.
• Anthropic, OpenAI, Google — LLM providers. Prompts and context you send to an agent are forwarded to the provider that serves the model you selected.
• Clerk — authentication and session management.
• Stripe — billing and payments.
• Sentry — error monitoring.

We may also disclose information when required by law, to enforce our terms, or to protect the rights and safety of our users.

Data is encrypted in transit and at rest. Integration credentials live in an isolated vault and are decrypted only at the moment of a tool call — the model never receives raw secrets.

Each agent runs in its own security boundary with scoped permissions, rate limits, and budget caps. Agents can require human approval for sensitive tool calls, and we keep a full audit trail of every tool invocation.

We retain your data for as long as your account is active and as needed to provide the service. You can delete threads, memory entries, and connections at any time from the console. When you close your account we delete your data within 30 days, except where we are required to retain it for legal or compliance reasons.

Depending on where you live, you may have the right to access, correct, export, or delete the personal information we hold about you, and to object to or restrict certain processing.

To exercise any of these rights, email privacy@cerca.dev. We will respond within the timeframe required by applicable law.

Cerca is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, contact us and we will delete it.

We may update this policy from time to time. When we do, we will revise the "last updated" date at the top of this page and, for material changes, notify you through the service or by email.

Questions about this policy? Email privacy@cerca.dev.