Back to Sign Up

Privacy Policy

Last updated: December 11, 2024

1. Introduction

The OpenA2A Project ("we", "our", or "us") operates the OpenA2A Community platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

When you register for an account, we collect:

  • Email address
  • First and last name
  • Password (stored securely using industry-standard hashing)
  • Google account information (if you sign up with Google OAuth)

2.2 Agent and Server Data

When you use our platform, we store:

  • AI agent registration details and metadata
  • MCP server configurations and endpoints
  • Trust relationships and permissions you configure
  • API keys and credentials (encrypted at rest)

2.3 Usage Information

We automatically collect certain information when you use the Service:

  • IP address and browser type
  • Pages visited and features used
  • Time and date of your visits
  • API usage statistics

3. How We Use Your Information

We use the information we collect to:

  • Create and manage your account
  • Provide and maintain the Service
  • Process your agent and server registrations
  • Send you important service notifications
  • Respond to your inquiries and support requests
  • Monitor and analyze usage patterns to improve the Service
  • Detect, prevent, and address security issues

4. Data Storage and Security

We implement industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS 1.2+
  • Sensitive data is encrypted at rest using AES-256
  • Passwords are hashed using bcrypt with appropriate cost factors
  • API keys and credentials are stored using envelope encryption
  • Our infrastructure is hosted on Microsoft Azure with SOC 2 compliance

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • With your consent: We may share information when you give us explicit permission
  • For legal compliance: We may disclose information if required by law or in response to valid legal requests
  • To protect rights: We may disclose information to protect our rights, privacy, safety, or property
  • Service providers: We may share data with third-party service providers who help us operate the Service (e.g., cloud hosting, email delivery)

6. Your Rights and Choices

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your account and associated data
  • Export your data in a portable format
  • Opt out of non-essential communications

To exercise these rights, please contact us at privacy@opena2a.org.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. We may also retain certain information as required by law or for legitimate business purposes.

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we need to retain it for legal compliance or legitimate business purposes.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

9. Cookies and Tracking

We use essential cookies to operate the Service, including:

  • Authentication cookies to keep you logged in
  • Session cookies to maintain your preferences
  • Security cookies to prevent fraud and protect the Service

We do not use third-party advertising cookies or tracking pixels.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at privacy@opena2a.org.