Version 2 — March 22, 2026

PRIVACY POLICY

AgentOS 24/7

Effective Date: March 21, 2026

Last Updated: March 22, 2026 (V2)

Website: https://agentos247.com

1. INTRODUCTION

AI2me LLC ("AI2me," "we," "us," or "our") operates the AgentOS 24/7 platform (the "Platform") at https://agentos247.com. We are committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains:

What personal data we collect
How we use your personal data
Where your data is stored (dedicated infrastructure model)
Who we share your personal data with
Your rights regarding your personal data
How we protect your personal data

By using the Platform, you agree to the collection and use of information in accordance with this Privacy Policy.

2. DATA CONTROLLER

AI2me LLC is the data controller responsible for your personal data.

Contact Information:

AI2me LLC

123 Innovation Drive, Suite 500

Wilmington, DE 19801, USA

Email: privacy@agentos247.com

Phone: +1 (302) 555-0100

EU Representative (for GDPR compliance):

[To be appointed if required based on EU user volume]

Data Protection Officer:

Email: dpo@agentos247.com

3. PERSONAL DATA WE COLLECT

3.1 Information You Provide Directly

Account Registration:

Full name
Email address
Phone number
Date of birth
Nationality and country of residence
Professional information (current club/team, position, agent representation)
Profile photo (optional)

For Organizations (Clubs, Brands):

Organization name and type
Business address
Tax ID / VAT number
Authorized representative details

Payment Information:

Credit card details (processed by Stripe; we do not store full card numbers)
Billing address
Bank account details (for wire transfers)

User-Generated Content:

Profile information and career details
Documents uploaded to the Platform (contracts, performance data, etc.)
Messages and communications with AI agents and other Platform users
Feedback and support requests

For Athletes Under 18:

Parent/guardian name and contact information
Proof of consent and guardianship

3.2 Information Collected Automatically

Usage Data:

IP address
Browser type and version
Device information (type, operating system, unique device identifiers)
Pages visited and time spent on Platform
Clickstream data and navigation patterns
Referring/exit pages
Date and time stamps

Cookies and Tracking Technologies:

Session cookies (essential for Platform functionality)
Analytics cookies (Google Analytics, Mixpanel)
Advertising cookies (Google Ads, Facebook Pixel)
Preference cookies (language, settings)

See Section 9 (Cookie Policy) for details.

3.3 Information from Third Parties

Social Media Login (Optional):

If you register via Google, Facebook, or LinkedIn, we receive:

- Name, email, profile photo

- Public profile information

- Friend lists (if you grant permission)

Data Partners and Public Sources:

Player statistics and performance data (from publicly available sources: league websites, sports databases)
Market valuation data (from third-party sports analytics providers)
News and media coverage (for market intelligence)

Background Checks (For Licensed Professionals):

FIFA agent license verification
Legal credentials verification
Compliance screening (anti-money laundering, sanctions lists)

4. DATA STORAGE & PROCESSING ARCHITECTURE

4.1 Dedicated Infrastructure Per Customer

AgentOS 24/7 operates on a dedicated infrastructure model:

Dedicated Virtual Private Server (VPS):

Each customer is assigned a dedicated VPS at the time of account creation
VPS is hosted on Amazon Web Services (AWS) infrastructure
No data is shared across customer environments — your data is isolated from other customers

What This Means for You:

Your agent conversations, memory, and files are stored only on your dedicated server
Other customers cannot access your server or data
AI2me does not have access to your agent conversations or third-party API credentials stored on your VPS (unless you grant explicit permission for support purposes)

4.2 What Is Stored on Your Dedicated Server

The following data is stored exclusively on your dedicated VPS:

Agent Data:

Agent conversation memory and context (all messages to/from AI agents)
Agent configuration files and workspace data
Agent learning and personalization data (preferences, patterns)

Customer-Provided Credentials:

API credentials for third-party integrations (Google Workspace, Twilio, ElevenLabs, Vapi, OpenAI, Anthropic, etc.)
Authentication tokens and access keys
SSH keys and encryption keys (if applicable)

User Content:

Documents uploaded to the Platform
Career profiles and performance data
Custom intelligence reports generated by AI agents

Important: AI2me has no access to:

Your agent conversations or memory
Your third-party API credentials
Your uploaded documents or proprietary data

Exception: You may grant AI2me temporary access for technical support or troubleshooting purposes. Access is logged and revoked immediately after resolution.

4.3 AI2me-Managed Infrastructure

Dante Support Agent:

The Dante support agent runs on AI2me-managed infrastructure (separate from customer VPS)
This allows centralized updates, patches, and support for all customers
Dante does not retain permanent logs of customer conversations
Support conversations are retained for 7 days for quality assurance, then deleted

Platform Services:

Core Platform services (authentication, billing, user management) run on AI2me-managed AWS infrastructure
This data includes: account information, subscription details, payment history
This data is separate from your dedicated VPS and agent data

4.4 Third-Party Data Processors

Your data may be processed by the following third-party services:

Message Delivery:

Telegram: Messages are delivered via Telegram's platform. Telegram's privacy policy applies to message transport.
You can review Telegram's privacy policy at: https://telegram.org/privacy

AI Model Providers:

Anthropic (Claude): Message content is processed by Anthropic's API for AI inference
OpenAI (GPT): Message content is processed by OpenAI's API for AI inference (if configured)
Google Gemini: Message content is processed by Google's API for AI inference (if configured)
These providers process data according to their respective Data Processing Agreements (DPAs)
AI2me uses API configurations that do not allow AI providers to train on your data

Cloud Infrastructure:

Amazon Web Services (AWS): Customer VPS infrastructure is hosted on AWS
AWS's Data Processing Agreement applies: https://aws.amazon.com/compliance/gdpr-center/
AWS is SOC 2 Type II certified and GDPR-compliant

Payment Processing:

Stripe: Credit card payments are processed by Stripe (PCI-DSS compliant)
AI2me does not store full credit card numbers

Analytics:

Google Analytics: Website usage analytics (anonymized IP addresses)
Mixpanel: Product analytics and feature usage

4.5 Data Location

Customer VPS Regions:

Customer servers are provisioned in AWS EU (Frankfurt) or AWS US (Virginia) regions
You may request your assigned region at any time by contacting support@agentos247.com
For EU customers, we default to AWS EU (Frankfurt) to minimize cross-border data transfers

AI2me-Managed Services:

Core Platform services are hosted in AWS US-East (Virginia)
Account data and billing information are stored in this region

Data Transfers:

For EU customers with US-based VPS, data transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission
All data transfers use encryption in transit (TLS 1.3)

4.6 Backup Data (Opt-In Only)

Optional Backup Service:

Customers who opt in to the backup feature receive:

Private Git repository created for agent configuration and memory snapshots
Backups performed automatically every 12 hours
Repository is private and accessible only by you and AI2me
Backups are encrypted at rest (AES-256) and in transit (TLS 1.3)

Access Control:

You have full access to your backup repository via SSH key or access token
AI2me can access backups only for restoration purposes (with your permission)
No third parties have access to your backup repository

Opt-Out and Deletion:

You may opt out at any time via Platform dashboard or support@agentos247.com
Upon opt-out:

- Automatic backups cease immediately

- Existing backup repository remains accessible to you for 30 days

- After 30 days, backup repository is permanently deleted (unless you request retention)

Backup Retention:

Historical backups are retained for 90 days by default (configurable upon request)
You may request deletion of all backups at any time

5. HOW WE USE YOUR PERSONAL DATA

5.1 Legal Bases for Processing (GDPR)

We process your personal data based on the following legal grounds:

A. Contract Performance (GDPR Art. 6(1)(b)):

Providing Platform access and services
Provisioning and managing your dedicated VPS
Processing payments and subscriptions
Facilitating deals and transactions
Communicating with you about your account

B. Legitimate Interests (GDPR Art. 6(1)(f)):

Improving Platform functionality and user experience
Market research and analytics (anonymized data)
Fraud prevention and security
Marketing communications (with opt-out option)

C. Legal Obligations (GDPR Art. 6(1)(c)):

Compliance with tax and accounting laws
Responding to legal requests and court orders
Anti-money laundering (AML) and Know Your Customer (KYC) requirements

D. Consent (GDPR Art. 6(1)(a)):

Non-essential cookies and tracking
Marketing emails (you can withdraw consent anytime)
Sharing data with third parties for purposes beyond Platform operation
Optional backup service (you can opt out anytime)

5.2 Specific Uses

Platform Operation:

Creating and managing your account
Provisioning and maintaining your dedicated VPS
Authenticating your identity
Providing AI advisory services (market analysis, valuations, recommendations)
Matching talent with opportunities (for Tier 2+ users)
Facilitating communication between users
Processing transactions and payments

AI Model Training and Analytics:

Training AI algorithms on anonymized and aggregated data only
Improving market valuation models and predictions
Identifying trends and patterns in talent market
Generating intelligence reports and insights

Important: We do NOT use your individual conversations or proprietary data to train AI models. Only anonymized, aggregated data is used for AI improvement.

Customer Support:

Responding to your inquiries and support requests
Troubleshooting technical issues (with your permission to access your VPS)
Providing guidance on Platform features

Marketing and Communications:

Sending service updates and Platform announcements
Promotional emails about new features or offerings (with opt-out)
Surveys and feedback requests
Personalized recommendations based on your profile (if you opt in)

Legal and Compliance:

Enforcing Terms and Conditions
Preventing fraud, abuse, and security threats
Complying with legal obligations (tax reporting, regulatory requests)
Resolving disputes and enforcing agreements

Research and Development:

Analyzing usage patterns to improve Platform (anonymized data)
Developing new features and services
Benchmarking and market research

6. DATA SHARING AND DISCLOSURE

6.1 When We Share Your Data

With Other Platform Users (Controlled by You):

Profile information visible to other authenticated users (as per your privacy settings)
Messages and communications you send to other users
Deal information shared with counterparties (when you initiate or accept a deal)

With Licensed Professionals (Tier 2 Hybrid Users):

When you engage a licensed FIFA agent or attorney through our network, we share relevant information:

- Contact details and career information

- Deal parameters and requirements

- Documents you upload for their review

Licensed professionals operate under separate confidentiality obligations

With Service Providers (Data Processors):

Payment Processors: Stripe (credit card processing), banks (wire transfers)
Cloud Hosting: Amazon Web Services (AWS) — infrastructure and VPS hosting
AI Model Providers: Anthropic (Claude), OpenAI (GPT), Google (Gemini) — AI inference only (no training on your data)
Analytics: Google Analytics, Mixpanel (anonymized usage analytics)
Communication: Twilio (SMS), SendGrid (email), Telegram (messaging)
Background Checks: Checkr, Sterling (for licensed professional verification)

All service providers are bound by confidentiality agreements and Data Processing Agreements (DPAs). They process data only as instructed by us and cannot use your data for their own purposes.

With Business Partners (With Your Consent):

Service provider referrals (tax advisors, wealth managers) — only with your explicit consent
Sponsorship and brand opportunities — only if you opt in to our brand partnership program

For Legal Reasons:

To comply with legal obligations (court orders, subpoenas, regulatory requests)
To protect our rights and property (fraud prevention, contract enforcement)
To protect safety and security (preventing harm, criminal activity)
In connection with mergers, acquisitions, or asset sales (with notice to you)

6.2 Data We Do NOT Share

AI2me does NOT:

Sell your personal data to third parties
Share your agent conversations or memory with other customers
Share your third-party API credentials with anyone
Use your proprietary data to train AI models for other customers
Provide AI model providers (Anthropic, OpenAI) access to train on your data

6.3 International Data Transfers

EU to USA Transfers:

Our primary Platform services are located in the United States (AWS US-East region)
Customer VPS may be located in EU (Frankfurt) or US (Virginia) based on your preference
We rely on Standard Contractual Clauses (SCCs) approved by the European Commission for EU-US data transfers
We implement supplementary security measures (encryption, access controls) to protect data in transit and at rest

Other Regions:

We may use service providers in other countries (e.g., AI model providers, analytics)
All international transfers are governed by SCCs or other approved transfer mechanisms (e.g., EU-US Data Privacy Framework)

Your Rights: If you are an EU resident, you have the right to object to international transfers (see Section 8).

7. DATA RETENTION

7.1 How Long We Keep Your Data

Active Accounts:

Account data (name, email, subscription): Retained as long as your account is active
Agent conversations and memory (on your VPS): Retained as long as your VPS is active
Usage data (analytics): Retained for 24 months
Support conversations (Dante): Retained for 7 days, then deleted

After Account Termination:

Dedicated VPS: Decommissioned within 30 days of account termination
All data on VPS (conversations, memory, files): Deleted after 30 days (unless you request export)
Account data (billing, transaction history): Retained for 7 years (legal/tax requirement)
Anonymized and aggregated data: May be retained indefinitely for research and analytics

Specific Data Types:

Payment records: 7 years (tax and accounting requirements)
Support tickets: 3 years (customer service quality assurance)
Marketing consent records: Until you withdraw consent + 3 years (proof of consent)
Backup data (if opted in): 90 days of historical backups (configurable)

Backups:

Deleted data may persist in system backups for up to 90 days
Backups are encrypted and securely destroyed after retention period

7.2 Right to Deletion (72-Hour Guarantee)

You may request full deletion of your data at any time:

How to Request:

Email: team@agentos247.com with subject "Data Deletion Request"
Or via Platform dashboard: Settings → Account → Delete Account

What Gets Deleted:

Your dedicated VPS and all data stored on it (conversations, memory, files, credentials)
Your account information (name, email, profile)
Your backup repository (if opted in)
All data we control (subject to legal retention requirements below)

Timeline:

Deletion completed within 72 hours of request
You will receive confirmation email once deletion is complete

Exceptions (Legal Retention Requirements):

Transaction and billing records retained for 7 years (tax law)
Data required for ongoing legal proceedings or disputes
Anonymized and aggregated data (non-identifiable)

8. YOUR RIGHTS (GDPR & CCPA)

8.1 EU Residents (GDPR Rights)

If you are in the European Union, you have the following rights:

1. Right to Access (Art. 15):

Request a copy of your personal data we hold
Receive information about how we process your data
Request details about your VPS location and data processors

2. Right to Rectification (Art. 16):

Correct inaccurate or incomplete data
Update your profile information

3. Right to Erasure / "Right to be Forgotten" (Art. 17):

Request deletion of your data (subject to legal retention requirements)
72-hour deletion guarantee for VPS and account data

4. Right to Restriction of Processing (Art. 18):

Limit how we process your data in certain circumstances

5. Right to Data Portability (Art. 20):

Receive your data in a structured, machine-readable format (CSV, JSON)
Transfer your data to another service provider
Export your VPS data and backup repository

6. Right to Object (Art. 21):

Object to processing based on legitimate interests
Opt out of marketing communications
Object to automated decision-making (including AI profiling)

7. Right to Withdraw Consent (Art. 7(3)):

Withdraw consent for processing at any time (for consent-based processing)
Opt out of backup service
Opt out of marketing emails

8. Right to Lodge a Complaint:

File a complaint with your national data protection authority (e.g., ICO in UK, CNIL in France)

How to Exercise Your Rights:

Email: privacy@agentos247.com

Subject: "GDPR Rights Request"

We will respond within 30 days (may extend to 60 days for complex requests).

8.2 California Residents (CCPA Rights)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

1. Right to Know:

Categories of personal data collected
Sources of personal data
Business purposes for collection
Third parties we share data with
Specific pieces of data we have collected about you

2. Right to Delete:

Request deletion of your personal data (subject to exceptions)
72-hour deletion guarantee for VPS and account data

3. Right to Opt-Out of Sale:

We do NOT sell your personal data
However, you can opt out of sharing data with third parties for advertising purposes

4. Right to Non-Discrimination:

We will not discriminate against you for exercising your CCPA rights
No denial of service, different pricing, or reduced quality

How to Exercise Your Rights:

Email: privacy@agentos247.com

Subject: "CCPA Rights Request"

Or call: 1-800-XXX-XXXX (toll-free)

Verification: We may ask you to verify your identity before processing your request (to prevent fraudulent requests).

9. DATA SECURITY

9.1 Security Measures

We implement industry-standard security measures to protect your personal data:

Infrastructure Security:

Dedicated VPS Isolation: Each customer VPS is isolated from others (no cross-customer access)
AWS SOC 2 Type II Certified: Our cloud infrastructure is audited and certified for security controls
Encryption at Rest: All data on VPS encrypted with AES-256
Encryption in Transit: All data transfers use TLS 1.3

Access Controls:

Role-Based Access Control (RBAC): AI2me staff have limited access based on job function
Multi-Factor Authentication (MFA): Required for all AI2me staff accounts
No Default Access to Customer VPS: AI2me cannot access your VPS without your explicit permission
Audit Logs: All access to customer VPS is logged and monitored

Network Security:

Firewalls: AWS security groups restrict unauthorized network access
Intrusion Detection Systems (IDS): Monitor for suspicious activity
DDoS Protection: AWS Shield protects against distributed denial-of-service attacks

Application Security:

Regular Security Audits: Annual penetration testing by third-party security firms
Vulnerability Scanning: Quarterly vulnerability assessments
Secure Development Practices: Code reviews, static analysis, dependency scanning

Employee Security:

Background Checks: All employees with data access undergo background checks
Annual Training: Data protection and security training for all staff
Confidentiality Agreements: All staff and contractors sign NDAs

9.2 Data Breach Notification

In the event of a data breach affecting your personal data:

EU Residents (GDPR):

We will notify you and the relevant supervisory authority within 72 hours
Notification will include: nature of breach, affected data, steps we are taking to mitigate harm, your rights

California Residents (CCPA):

We will notify you and the California Attorney General as required by law

All Users:

We will provide details of the breach via email to your registered email address
We will offer remediation support (e.g., credit monitoring if financial data exposed)

9.3 Your Responsibilities

You are responsible for:

Keeping your password confidential
Enabling two-factor authentication (2FA) on your account (recommended)
Securing your API credentials for third-party integrations (Google, Twilio, etc.)
Reporting suspected unauthorized access to security@agentos247.com
Using strong, unique passwords

We will NEVER ask you for your password via email or phone.

10. COOKIE POLICY

10.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our Platform. They help us provide a better user experience and analyze Platform usage.

10.2 Types of Cookies We Use

Essential Cookies (Required):

Session management (keep you logged in)
Security (prevent fraud and abuse)
Load balancing (distribute traffic efficiently)

These cookies are necessary for Platform operation and cannot be disabled.

Analytics Cookies (Optional):

Google Analytics (traffic analysis, user behavior) — anonymized IP addresses
Mixpanel (product analytics, feature usage)
Hotjar (heatmaps, session recordings)

Purpose: Understand how users interact with the Platform to improve features and performance.

Advertising Cookies (Optional):

Google Ads (remarketing, conversion tracking)
Facebook Pixel (ad targeting, campaign measurement)
LinkedIn Insight Tag (B2B ad targeting)

Purpose: Show you relevant ads on third-party platforms and measure ad effectiveness.

Preference Cookies (Optional):

Language settings
UI preferences (dark mode, dashboard layout)
Notification settings

Purpose: Remember your preferences for a personalized experience.

10.3 Managing Cookies

Browser Settings:

You can control cookies through your browser settings:

Chrome: Settings > Privacy > Cookies
Firefox: Preferences > Privacy > Cookies
Safari: Preferences > Privacy > Cookies

Note: Disabling essential cookies may prevent you from using certain Platform features.

Cookie Consent Tool:

When you first visit the Platform, you will see a cookie banner allowing you to:

Accept all cookies
Reject non-essential cookies
Customize your cookie preferences

Opt-Out Links:

Google Analytics: https://tools.google.com/dlpage/gaoptout
Facebook Pixel: https://www.facebook.com/settings/?tab=ads
LinkedIn: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

11. CHILDREN'S PRIVACY

11.1 Age Restrictions

The Platform is NOT intended for children under 13 years of age. We do not knowingly collect personal data from children under 13.

For Athletes Aged 13-17:

Parental or legal guardian consent is required
Parent/guardian must review and agree to this Privacy Policy
Parent/guardian contact information is collected for verification
We may request proof of guardianship

11.2 Parental Rights

Parents/guardians of users under 18 have the right to:

Review the personal data we have collected from their child
Request deletion of their child's data (72-hour guarantee)
Refuse further collection or use of their child's data

Contact: privacy@agentos247.com with subject "Parental Rights Request"

12. THIRD-PARTY LINKS

The Platform may contain links to third-party websites, services, or applications (e.g., social media, partner platforms).

We are NOT responsible for:

Privacy practices of third-party websites
Content or security of third-party services
Data collection by third parties

Recommendation: Review the privacy policies of any third-party sites you visit.

Third-Party Services You May Integrate:

Google Workspace, Microsoft 365, Slack
Twilio, ElevenLabs, Vapi
OpenAI, Anthropic, Google Gemini

Your Responsibility: You are responsible for reviewing and complying with the privacy policies of third-party services you integrate with your AI agents.

13. AUTOMATED DECISION-MAKING AND PROFILING

13.1 AI-Powered Features

The Platform uses artificial intelligence (AI) to:

Generate market valuations and career projections
Match talent with opportunities
Provide personalized recommendations
Analyze contracts and identify risks

These AI processes involve automated decision-making based on your profile data, performance metrics, and market trends.

13.2 Your Rights Regarding Automated Decisions

Under GDPR (Art. 22):

You have the right NOT to be subject to solely automated decisions that significantly affect you
You can request human review of any AI-generated recommendation or decision
You can challenge AI outputs and request manual intervention

How to Request Human Review:

Email: privacy@agentos247.com with subject "AI Decision Review Request"

Example: If our AI recommends a specific transfer or contract value, and you disagree, you can request a human advisor to review and explain the AI's reasoning.

13.3 Transparency

We are committed to AI transparency:

AI models are trained on historical market data and performance metrics (anonymized and aggregated)
We disclose the factors considered in AI recommendations (e.g., age, position, performance stats, market trends)
You can request an explanation of how specific AI outputs were generated
AI agents on your VPS operate based on your data only (not shared with other customers)

14. BUSINESS TRANSFERS

If AI2me is involved in a merger, acquisition, asset sale, or bankruptcy:

Your personal data may be transferred to the acquiring entity
We will notify you via email and Platform notice 30 days before the transfer
The acquiring entity will be required to honor this Privacy Policy
You will have the right to delete your data before the transfer (if you object) — 72-hour deletion guarantee applies

15. UPDATES TO THIS PRIVACY POLICY

15.1 How We Notify You

We may update this Privacy Policy from time to time. When we make material changes:

We will update the "Last Updated" date at the top
We will notify you via email (to your registered email address)
We will display a notice on the Platform for 30 days
For significant changes (e.g., new data uses, third-party sharing), we will request your renewed consent

15.2 Your Options

If you do not agree to the updated Privacy Policy:

You may terminate your account within 30 days
We will delete your data as per Section 7 (Data Retention) — 72-hour deletion guarantee applies

Continued use of the Platform after the 30-day notice period constitutes acceptance of the updated Privacy Policy.

16. CONTACT US

16.1 Privacy Questions

For questions about this Privacy Policy or our data practices:

Email: privacy@agentos247.com

For Deletion Requests: team@agentos247.com (72-hour guarantee)

Mail:

AI2me LLC

Attn: Privacy Team

123 Innovation Drive, Suite 500

Wilmington, DE 19801, USA

16.2 Data Protection Officer

For GDPR-related inquiries:

Email: dpo@agentos247.com

16.3 Supervisory Authority (EU Residents)

If you are not satisfied with our response to your privacy concerns, you may lodge a complaint with your national data protection authority:

EU Commission - List of Authorities: https://edpb.europa.eu/about-edpb/board/members_en
Example (UK): Information Commissioner's Office (ICO) - https://ico.org.uk
Example (Germany): Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)

17. SPECIAL NOTICES

17.1 For EU Residents

This Privacy Policy complies with the General Data Protection Regulation (GDPR) (EU) 2016/679.

Legal Basis Summary:

Processing Activity	Legal Basis
Account creation and Platform access	Contract Performance (Art. 6(1)(b))
VPS provisioning and management	Contract Performance (Art. 6(1)(b))
Payment processing	Contract Performance (Art. 6(1)(b))
AI-powered market analysis	Legitimate Interest (Art. 6(1)(f))
Marketing emails (opt-in)	Consent (Art. 6(1)(a))
Analytics and improvement (anonymized)	Legitimate Interest (Art. 6(1)(f))
Legal compliance (tax, AML)	Legal Obligation (Art. 6(1)(c))
Backup service (opt-in)	Consent (Art. 6(1)(a))

Data Controller vs. Data Processor:

For account and billing data: AI2me is the data controller
For data on your dedicated VPS (agent conversations, credentials): You are the data controller, AI2me is the data processor

17.2 For California Residents

CCPA Disclosure:

Categories of Personal Data Collected (last 12 months):

Identifiers (name, email, phone, IP address)
Commercial information (subscription, payment history)
Internet activity (usage data, cookies)
Professional information (career stats, performance data)
Inferences (market valuations, career projections)

Business Purposes:

Providing Platform services and VPS infrastructure
Processing transactions
Customer support
Marketing and analytics (anonymized)
Security and fraud prevention

Third Parties We Share With:

Service providers (payment processors, cloud hosting, AI model APIs)
Licensed professionals (with your consent)
Legal authorities (when required by law)

We do NOT sell your personal data.

California "Shine the Light" Law: You can request information about data shared with third parties for direct marketing purposes (privacy@agentos247.com).

17.3 For Nevada Residents

Nevada law (SB 220) allows you to opt out of the sale of certain personal data. We do NOT sell your personal data as defined by Nevada law. If you still wish to submit an opt-out request: privacy@agentos247.com.

BY USING AGENTOS 24/7, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS PRIVACY POLICY.

KEY HIGHLIGHTS:

Dedicated VPS: Your data is stored on your own dedicated server (isolated from other customers)
No Access to Your Data: AI2me cannot access your agent conversations or API credentials without your permission
72-Hour Deletion: Full deletion of your data within 72 hours upon request
Opt-In Backups: Automatic backups only if you opt in (opt out anytime)
No Data Selling: We never sell your personal data
GDPR & CCPA Compliant: Full compliance with EU and California privacy laws

END OF PRIVACY POLICY