Privacy Policy

When you use Halos, we collect:

• Account information: Your email address and name when you sign up.
• Agent data: Configuration, preferences, and activity logs for agents you create.
• Connected services: When you connect third-party services (e.g., Gmail), we store encrypted OAuth tokens to access those services on your behalf. We do not store the contents of your emails or other third-party data.
• Usage data: Anonymized analytics about how you interact with the platform.

• To provide, operate, and improve the Halos platform.
• To authenticate you and manage your account.
• To enable your agents to perform tasks on connected services.
• To send you important service-related communications.

When you connect services like Gmail, your agent accesses those services using OAuth tokens stored with AES-256-GCM encryption. Halos only requests the minimum permissions necessary (e.g., read-only access for Gmail). You can disconnect any service at any time from your settings.

Your data is stored in Supabase with row-level security policies. OAuth tokens are encrypted at rest using AES-256-GCM. Agent containers run in isolated environments on Fly.io. We do not sell your data to third parties.

We retain your data for as long as your account is active. When you delete an agent or your account, associated data is permanently removed. Connected service tokens are deleted immediately upon disconnection.

You have the right to:

• Access and export your data.
• Delete your account and all associated data.
• Disconnect any third-party service at any time.
• Opt out of non-essential communications.

For privacy-related questions, contact us at cormac@fndr.house.