← RemoteAgent

Privacy Policy

Effective date: April 1, 2026 — DDO LTD

1. Who We Are

RemoteAgent is operated by DDO LTD, registered in Malta. We are the data controller for personal data processed through this service. For privacy inquiries, contact us at privacy@remoteagent.chat.

2. What Data We Collect

Via Telegram Login:
  • Telegram user ID (numeric)
  • Telegram username (if public)
  • First name (used only for greeting messages)
Via Stripe (paid plans only):
  • Billing name and email address
  • Payment method (stored by Stripe — we never see raw card data)
Usage data:
  • Session metadata (start time, status, first 200 characters of prompts)
  • Agent connection status and last-seen timestamps
  • Server logs (IP addresses, request timestamps) — retained for 30 days

3. What We Do NOT Collect

  • Your Anthropic API key — it never leaves your server
  • Your source code or file contents
  • Full prompt or response content from Claude
  • Passwords (we use Telegram for authentication)

4. How We Use Your Data

  • To authenticate you and manage your account
  • To deliver the relay service between your agent and Telegram
  • To send you service notifications and trial reminders via Telegram bot
  • To process payments and manage subscriptions
  • To detect abuse and ensure service security

5. Legal Basis (GDPR)

We process your personal data under the following legal bases:
  • Contract performance — to provide the service you signed up for
  • Legitimate interests — security, fraud prevention, service improvement
  • Legal obligation — compliance with applicable law

6. Third-Party Services

We use the following third-party processors:
  • Telegram — authentication and messaging (Telegram Privacy Policy applies)
  • Stripe — payment processing (Stripe Privacy Policy applies)
  • Supabase — database and realtime infrastructure (hosted in EU)
  • Vercel — web hosting and serverless functions
We do not sell your data to third parties.

7. Data Retention

We retain your account data for as long as your account is active. If you cancel or your trial expires without subscribing, account data is deleted after 30 days. Server logs are deleted after 30 days. You can request immediate deletion at any time.

8. Your Rights (GDPR)

As a resident of the EU/EEA, you have the right to:
  • Access — request a copy of your personal data
  • Rectification — correct inaccurate data
  • Erasure — request deletion of your data
  • Portability — receive your data in a machine-readable format
  • Objection — object to processing based on legitimate interests
  • Lodge a complaint — with the Malta Information and Data Protection Commissioner (IDPC)
To exercise any of these rights, contact us at privacy@remoteagent.chat. We will respond within 30 days.

9. Cookies

RemoteAgent uses a single session cookie (httpOnly, secure) to keep you logged in. We do not use tracking cookies or third-party analytics.

10. Security

We implement industry-standard security measures including HTTPS, encrypted session tokens, HMAC signature verification on Telegram webhooks, and row-level security on our database. Despite these measures, no system is completely secure — use the service at your own risk.

11. Changes to This Policy

We may update this policy from time to time. We will notify you via Telegram bot of material changes. The effective date at the top of this page will always reflect the latest version.

12. Contact

For privacy-related requests or questions: privacy@remoteagent.chat
DDO LTD, Malta
Terms of ServiceBack to home