1. Introduction
DatOps, Inc. ("Company", "we", "us") operates the DAT (Decentralized Agent Trust) Platform ("Platform") at datops.ai. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use the Platform.
By using the Platform, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Platform.
2. Information We Collect
2.1 Account Information
When you create an account, we collect:
- Name (first and last)
- Email address
- Organization name
- Password (stored as a salted hash, never in plain text)
- Communication preferences (marketing opt-in)
2.2 Agent and Organization Data
When you register AI agents on the Platform, we collect and store:
- Agent names, descriptions, and version information
- Decentralized Identifiers (DIDs) and DID documents
- Public keys associated with agents and organizations
- Verifiable credentials and attestations
- Trust scores and reputation data
2.3 Usage Data
We automatically collect certain information when you use the Platform:
- API call logs (endpoints accessed, timestamps, response codes)
- Login activity and session information
- Browser type and version
- IP address
- Pages visited and features used
3. How We Use Your Information
We use collected information to:
- Provide, maintain, and improve the Platform
- Create and manage your account
- Process agent registrations and DID management
- Calculate and maintain trust scores and reputation data
- Detect and prevent fraud, abuse, and security threats
- Send transactional notifications (verification emails, security alerts)
- Send product updates and announcements (only if you opt in)
- Respond to support requests
- Generate anonymized, aggregate analytics
4. Data Storage and Security
We take security seriously and implement industry-standard measures to protect your data:
- Passwords are hashed using PBKDF2 with 600,000 iterations and SHA-512
- API keys are stored as SHA-256 hashes
- TOTP secrets for two-factor authentication are encrypted at rest
- All data in transit is encrypted via TLS/HTTPS
- Access to production systems is restricted and logged
- Regular security audits are performed
While we strive to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
5. Data Sharing and Disclosure
We do not sell your personal information. We may share data in the following circumstances:
- Public DID data: Agent DIDs, DID documents, and public keys are designed to be publicly verifiable as part of the decentralized trust model
- Service providers: We may share data with trusted third-party services that help us operate the Platform (hosting, email delivery, monitoring)
- Legal requirements: We may disclose data if required by law, regulation, or legal process
- Business transfers: In the event of a merger, acquisition, or asset sale, user data may be transferred to the acquiring entity
- With your consent: We may share data with your explicit permission
6. Cookies and Tracking
The Platform uses the following cookies:
- dat_api_key: An httpOnly, secure cookie used for API authentication. This cookie cannot be accessed by JavaScript and is sent only with API requests.
- dat_logged_in: An indicator cookie used by the frontend to determine login state. Contains no sensitive data.
We do not use third-party tracking cookies or advertising trackers. We do not participate in cross-site tracking.
7. Data Retention
We retain your data for as long as your account is active or as needed to provide services. Specifically:
- Account data: Retained until account deletion is requested
- Agent data and DIDs: Retained for the lifetime of the agent registration
- Audit logs: Retained for 90 days
- API usage logs: Retained for 30 days
- Backup data: Retained for up to 30 days after deletion
After account deletion, we may retain anonymized, aggregate data that does not identify you.
8. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Portability: Request your data in a machine-readable format
- Objection: Object to processing of your data for certain purposes
- Withdraw consent: Withdraw consent for marketing communications at any time
For EU/EEA Residents (GDPR)
If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your data includes: performance of a contract, legitimate interests, and consent. You may contact your local data protection authority if you have concerns about our data practices.
For California Residents (CCPA)
If you are a California resident, you have the right to know what personal information we collect, request its deletion, and opt out of any sale of personal information. We do not sell personal information.
To exercise any of these rights, contact us at [email protected].
9. International Data Transfers
The Platform is hosted in the European Union (Germany). If you access the Platform from outside the EU, your data may be transferred to and processed in the EU. We ensure appropriate safeguards are in place for any international data transfers.
10. Children's Privacy
The Platform is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or through the Platform. The "Last updated" date at the top of this page indicates when the policy was last revised.
12. Contact
If you have questions or concerns about this Privacy Policy or our data practices, contact us at:
DatOps, Inc.
Privacy Inquiries: [email protected]
General Support: [email protected]
Website: datops.ai