← Back to AccessAgent.ai

Privacy Policy

Last updated: February 26, 2026

1. Overview

AccessAgent.ai ("the Service") is a static site hosting platform. This policy explains what data we collect, how we use it, and your rights.

2. Data We Collect

Data	Purpose	Retention
Ethereum wallet address	Authentication, site ownership	Duration of site existence
IP addresses	Rate limiting, abuse prevention	In-memory only, not persisted to disk
Uploaded site content	Hosting, content moderation	Until site deletion by owner
Transaction hashes (Pro tier)	Payment verification	Duration of site existence
Bandwidth usage	Tier enforcement	Current month only, reset monthly
Coupon codes used	Coupon tracking	Indefinite (aggregate counts only)
Custom domain names	Domain routing, TLS provisioning	Until domain removed by owner

3. What We Do NOT Collect

• Email addresses
• Names or personal identifiers
• Browser fingerprints or tracking cookies
• Analytics or behavioral data on site visitors

4. Third-Party Data Processing

Content Moderation (Anthropic)

All uploaded content (text files and images) is sent to Anthropic's Claude API for automated content moderation before being made publicly accessible. This is done to enforce our Acceptable Use Policy. Anthropic processes this data under their privacy policy. Anthropic does not use API inputs for model training.

TLS Certificates (Let's Encrypt)

Custom domain names are shared with Let's Encrypt for SSL certificate provisioning. Let's Encrypt logs issued certificates in public Certificate Transparency logs as required by industry standards.

Blockchain (Base Network)

Payment verification queries the Base blockchain (a public network). Transaction hashes and wallet addresses on the blockchain are publicly visible by nature.

5. Data Storage and Security

All data is stored on our servers. Site metadata is stored in JSON files on disk. We use path traversal protection, input validation, and rate limiting to protect data. No data is stored in third-party databases or cloud storage.

6. Your Rights

You can exercise the following rights at any time:

• Access: View your site metadata via GET /api/sites/:name
• Deletion: Delete your site and all associated data via DELETE /api/sites/:name with a signed request from your wallet
• Portability: Download your files via the file listing API

Since we authenticate by wallet signature (not accounts), there is no "account" to close. Deleting your site removes all stored data associated with it.

7. GDPR (EU Users)

Under the GDPR, wallet addresses and IP addresses may constitute personal data. Our legal basis for processing:

• Wallet addresses: Legitimate interest (authentication, ownership verification)
• IP addresses: Legitimate interest (rate limiting, abuse prevention). Not persisted to disk.
• Content moderation: Legitimate interest (legal compliance, platform safety)

To exercise GDPR rights (access, erasure, portability, objection), contact abuse@accessagent.ai.

8. Children's Privacy

The Service is not directed at children under 18. We do not knowingly collect data from children.

9. Changes to This Policy

We may update this policy at any time. Changes will be reflected in the "Last updated" date. Continued use constitutes acceptance.

10. Contact

For privacy-related questions or requests: abuse@accessagent.ai