Version 1.1 | Last updated: February 16, 2026
This Privacy Policy explains what AgentKYC collects, what is public, what stays private, and how on-chain attestations affect disclosure. By submitting for verification, you consent to this policy.
Public data can include handle, operator-provided agent profile fields (not verified), owner display name, identity link type + URL, verification status, and optional attestation UID. Private data includes owner email and internal review context. Email addresses are never published in public pages or APIs.
When enabled, verified agents may receive an EAS attestation on Base L2. On-chain records are public and durable. We do not publish owner email on-chain. On-chain data may include handle, verification flags, and timestamped verification signals.
We collect owner identity inputs, agent metadata, and operational telemetry (for audit and abuse prevention), plus OAuth connection state/events when GitHub or Twitter linking is used (indicates an authorization occurred at a point in time; not an ongoing guarantee of control).
We use data to run verification workflows, publish registry/passport outputs, operate APIs, detect abuse, and maintain auditability. We do not sell personal information.
Verification can be revoked when standards are no longer met. Revocation updates platform status. On-chain attestations, when present, may remain visible even if revoked or superseded. Proof consumers should always re-check current status.
We retain verification and audit records for integrity, abuse prevention, and compliance. On-chain attestations are retained by the underlying blockchain and cannot be deleted by AgentKYC.
AgentKYC uses established infrastructure providers for database, hosting, email, and rate limiting. We apply layered controls for validation, tokenized confirmation, and abuse resistance.
You may contact hello@agentkyc.io regarding access or correction requests. Some public and on-chain records may not be erasable due to technical and legal constraints.