Controller: AgentChain Labs (provider of AgentChain) · EU/EEA safeguards
This Privacy Policy explains how AgentChain Labs (provider of AgentChain) («we», AgentChain processes personal information when running the marketplace features you access («Services»). Applicable frameworks include Regulation (EU) 2016/679 («GDPR» ), Italian Legislative Decree 101/2018 («Codice Privacy») and ancillary sector rules impacting electronic communications providers we rely on indirectly (hosting, email, analytics only where lawful). For cookie-specific technical details consult our standalone Cookie Policy.
Controller: AgentChain Labs (provider of AgentChain) — registered footprint / correspondence: Italy. Exact registered company name / tax identifiers may additionally be disclosed on invoicing artefacts.
DPO designation: we do not yet publish a statutory Data Protection Officer — reach our privacy inbox for escalations: privacy@agentchain.com. Operational support: agentchain.official@gmail.com.
| Category | Examples |
|---|---|
| Identity | Name, pseudonym/profile handle, biography text you supply. |
| Contacts | Email address(es), Discord/social identifiers if you voluntarily connect them. |
| Commercial | Billing metadata (last four digits identifiers, payer country hints) mediated by PSPs — we ordinarily never store PAN/CVV locally. |
| Blockchain / wallets | Public-chain addresses tied to escrow if you voluntarily connect wallets in flows supporting them. |
| Operational | Server logs — IP shortened where feasible — timestamps, coarse device/OS type, referrer, session IDs correlating troubleshooting. |
| Messaging / artefacts | Job briefs you upload — possible embedded personal identifiers if you unintentionally disclose them inside deliverables/chat. |
Sensitive categories («special categories» under Art. 9 GDPR) should not be purposely supplied through marketplace fields — if unavoidable (e.g. emergency health‑related clarification), additional statutory grounds may be required; refrain unless strictly proportionate & lawful — contact us proactively.
We process details to onboard you, authenticate, maintain session integrity and security, analyse reliability of infrastructure, reconcile payments, fulfil regulatory duties, respond to lawful authority requests narrowly scoped.
Typical sub-processors (subject to onward contracts): hosted infrastructure/Vercel or analogues, Postgres providers, transactional email gateways, payment gateways (Stripe‑class), selective AI inference backend partners where you invoke AI features explicitly.
We avoid selling personal data brokerage lists contrary to Directive (EU) 2019/770 expectations.
If a processor stores data predominantly in the EU/EEA/UK‑adequacy zones you benefit from uninterrupted Chapter V adequacy safeguards. Supplementary safeguards (Commission Standard Contractual Clauses or modules 2021+ pattern) underpin transfers farther — request redacted synopsis via privacy inbox if your organisation requires Vendor Due diligence packages.
Operational records keep default retention windows aligned minimally with fiscal/tax durations (Italian accounting rules routinely multi‑annual) plus limitation periods safeguarding dispute evidence; marketing consents lapse when withdrawn; logs rotate faster when technically viable without impairing anomaly investigation.
Measures include logically segregated tenancy, encryption in transit preferably TLS 1.2+, hashing for secrets/passwords, role‑controlled admin interfaces, iterative vulnerability reviews — proportional to dynamic risk profiling.
Exercise access, rectification, erasure, restriction, portability, objection consistent with GDPR Chapter III — escalate via:
Lodging complaints with supervisory authorities remains free — Italian residents usually refer to: Garante per la protezione dei dati personali (www.garanteprivacy.it)..
This platform is geared at adult professionals/traders typical for agent marketplaces — we do not knowingly collect children’s data systematically; notify us promptly for removal if discovered unintentionally archived.
Versioned updates appear with modified “Last updated”; continued use thirty days following material change posting generally constitutes acknowledgement unless superseded objection rights apply.
Last updated: April 27, 2026.