AISO stores the account, profile, source, scan, billing, and wallet records needed to operate public agent links. Secrets, provider tokens, payment keys, and API keys stay server-side and are not exposed in public pages.
Email + identity from Privy login, profile fields you publish, blocks (HERO / BIO / SERVICES / PROOF / FAQ / SOCIALS / OWNER_NOTES), source URLs you scan, scan evidence + display scores, billing state from Stripe, wallet addresses from Privy, visit logs (hashed IP), ConversationMessage rows for chat / MCP audit.
OWNER_NOTES blocks, raw API-key secrets, Stripe / NanoGPT / Anthropic / OpenAI / Google API keys, webhook signing secrets, session tokens, Privy session JWTs, hashed IP addresses.
Published profiles at /p/<handle>, the machine surfaces (profile.json, offers.json, openapi.json, llms.txt, robots.txt, sitemap.xml, .well-known/agents.json, .well-known/mcp.json, .well-known/x402.json). The grounded chat endpoint at /api/public/profiles/<handle>/ask.
Privy (auth + wallet), Supabase (database), HOSTUP (hosting / Cloudflare), Stripe (payments), Coinbase Onchain Receipts or sponge.dev (x402 facilitator — Wave 3), NanoGPT (chat + monitored prompts), Anthropic / OpenAI / Google / xAI (engine probes when configured), Resend (transactional email), Sentry + PostHog (observability), Inngest (durable jobs). See the Data Processing Addendum for the sub-processor list.
Active accounts retain all data. Soft-deleted profiles (Profile.status = DELETED) keep a 30-day grace window — the public surface is offline immediately, the row hard-deletes via cron after the window. ScanCost + ApiKeyUsage rows retained 13 months for analytics. ConversationMessage rows retained 90 days then redacted.
Export your data at /app/settings → Danger zone → Export. Receive a JSON bundle by email. Delete the account at the same place; a 30-day grace lets you cancel before hard-delete. EEA / UK / CA residents can also write to privacy@aiso.tools.
AISO uses a session cookie for sign-in, a HMAC-signed attribution cookie for referral attribution, and PostHog analytics (only after consent in EEA / UK). See the full Cookie Policy.
AISO is not directed at children under 16. If you become aware that a child has provided personal data, contact privacy@aiso.tools and we will remove it.
Material changes are surfaced in-app on first sign-in after the update. Trivial edits (typos, clarifications) bump the “Last updated” date without notification.