security

We connect. We don't watch.

Agentation runs as a thin layer on top of your AI, your GitHub and your own setup — on your machine. We're never given access to your GitHub or your AI. The account we keep only lets profiles interconnect and follows your subscription. This is exactly what we touch — and everything we never see.

the data flow

What we connect to — and what we never see.

Two short lists. The honest version of "we don't watch": where each thing actually lives, and why it never has to pass through us.

What we connect to
  • Your settings, read-only

    We read your project settings — which agents are approved, your rules, your roster — so the workspace can run.

  • Notification routing

    We route each notification to the right role: your Product Owner or your Tech Lead. That routing is the connection.

  • Your GitHub, on your machine

    Branches, commits and PRs run from your own machine's GitHub setup. No token, no scope, no GitHub access is ever handed to us.

What we never see
  • Your source code

    It ships through your GitHub. We never store, copy or read a line of it on our side.

  • Your AI usage

    You bring your own AI subscription. Prompts and completions stay between you and your AI provider — never us.

  • Your business data

    Whatever your product holds about your users stays inside your product. Agentation has no reason to read it, and doesn't.

encryption

Encrypted in transit, encrypted at rest.

Every connection and every stored byte we do hold is encrypted with modern, standard cryptography. No custom schemes.

In transit

All traffic is served over TLS 1.2+ (TLS 1.3 where the client allows it). No plaintext endpoints, HSTS enforced.

At rest

The little we store — your settings and routing metadata — is encrypted at rest with AES-256 on managed infrastructure.

Secrets

The little we keep — your settings, routing metadata and billing identity — lives in a dedicated, encrypted store, scoped and rotatable. We hold no GitHub or AI credentials at all.

authentication & access

Your GitHub never logs into us.

Agentation never authenticates to GitHub. The agents push through your own machine's git setup, so no token or scope is ever granted to us — and no code is stored on our side.

No grant to us

We request nothing from your GitHub. There's no access given to our servers — the agents act through your own local setup.

Nothing to revoke

There's no access to pull back from us — we were never connected to your GitHub. It stays entirely under your control.

No code storage

We do not clone, archive or cache your source on our servers. The repository of record stays yours, always.

your AI, your compliance

Bring your own AI. Keep your own compliance.

Agentation runs on the AI subscription you already pay for. Because the model is yours, the compliance posture is yours too — you decide where prompts go and under which terms.

You pick the model

Claude, OpenAI, Cursor and more — whichever your Tech Lead approves. The model provider is your contractual relationship, not ours.

You pick the region

If your provider offers regional or data-residency controls, you keep them. We don't reroute your AI traffic through us.

You own the terms

Your DPA and usage terms with your AI provider apply unchanged. Agentation adds no model intermediary in between.

infrastructure

Where the little we hold actually runs.

We keep the surface small on purpose. Below is the list of sub-processors that touch the metadata we do store. We update it as it changes.

| Sub-processor | Purpose | Region |
| --- | --- | --- |
| Hetzner / Cloud hosting | Application & encrypted metadata hosting | Germany (EU) |
| Supabase / Database & authentication | Account data & auth, encrypted at rest | EU region |
| GitHub / Authentication | GitHub OAuth identity (no repository access) | United States |
| TODO: error monitor (e.g. Sentry) / Error monitoring | Aggregated, non-content diagnostics | TODO: region |

This list is kept current. Ask us for the live version before an audit.

compliance & audit

Built to pass your audit — not to claim badges we don't hold.

We'd rather be honest than impressive. Here is exactly where we stand on compliance, in plain terms.

GDPR-aligned

Our processing is built around GDPR principles: data minimisation, purpose limitation, and your rights as a data subject. The app and site run on EU soil — Hetzner in Germany — with your database and auth on Supabase in the EU.

Auditable by your teams

Your security and procurement teams can review how we connect, on request. We're built to be checked, not trusted blindly.

Certifications in progress

We do not claim SOC 2 or ISO 27001 certification today. We're building toward those controls and will say so plainly when they're independently verified.

No badge we haven't earned. If we claim it, you can verify it.

responsible disclosure

Found something? Tell us first.

We welcome reports from security researchers. Disclose responsibly and give us a reasonable window to fix the issue before going public — we'll keep you posted the whole way.

Email our security team: security@agentation.app

We acknowledge reports quickly and keep you updated until the fix ships.

retention & your rights

We keep little, for as long as you stay — then delete it.

Data minimisation isn't a slogan here: we only hold settings and routing metadata, only while your account is active.

Retention

Settings and routing metadata are kept while your account is active, then deleted within a defined window after closure.

Deletion

Close your account and the metadata we hold is removed. Your code and AI history were never ours to delete — they're yours.

Your GDPR rights

Access, rectification, erasure, portability and objection. Contact us and we'll act within the statutory timeframe.

the line we won't cross

We never sell your data.

No reselling, no data brokering, no advertising profiles — ever. Your information is not the product, and it never will be. That's a commitment, not a setting.