Privacy Policy

Account information.

Name, email address, organization name and slug, role, hashed password, and records of your sign-ins.

Agent action data (customer-controlled).

Fields routed through the gateway and MCP server (including agent_api_key, vendor, action, amount_cents, currency, risk_score, and free-form metadata), plus the policy decision, reason, and identifiers we generate (transaction id, approval id, audit-log row id). The customer determines what is placed in metadata.

Billing information.

Subscription plan, billing cycle, invoice history, and the customer identifier returned by our payment processor. We do not receive or store full payment-card numbers; cards are handled directly by Stripe, Inc.

Operational data.

Server and request logs (IP address, user-agent, URL, timestamp, status code), error traces, performance metrics, aggregate usage counters, and feature-use events. We use these to operate, secure, and debug the Service.

Cookies and similar technologies.

See Section 6 (Cookies) below.

Sensitive data.

ifivo does not intentionally collect payment-card numbers, government identifiers, precise geolocation, health information, or other sensitive categories. Do not place such data in action metadata.

• Provide, operate, and maintain the Service, including evaluating policies and returning decisions.
• Authenticate users, secure accounts, detect abuse, and investigate incidents.
• Display your workspace dashboard, approvals queue, transactions, and audit log.
• Bill customers, prevent fraud, and comply with tax and accounting obligations.
• Send service communications (security alerts, policy updates, billing receipts) and, where you opt in, release notes or product announcements.
• Respond to support inquiries and enforce our Terms of Service.
• Improve the Service in aggregate (product analytics, performance tuning). We do not train foundation models on customer data and do not sell personal information.
• Comply with legal obligations, respond to lawful requests, and establish or defend legal claims.

Where the GDPR or UK GDPR applies, we rely on the following legal bases:

• Contract. To provide the Service you have signed up for.
• Legitimate interests. To secure the Service, prevent abuse, and improve it.
• Legal obligation. For tax, accounting, and regulatory compliance.
• Consent. For optional marketing emails and non-essential cookies. You may withdraw consent at any time.

We share personal information only with the subprocessors listed on our Security page, and only as needed to deliver the Service. Current subprocessors include:

• Vercel, Inc.: hosting and edge delivery.
• Neon, Inc.: managed Postgres for primary data storage.
• Stripe, Inc.: payment processing and subscription billing.
• Resend, Inc.: transactional email delivery.
• Slack Technologies, LLC: optional approval-notification channel (only when you enable it).

We may also share information: (a) with our professional advisors (lawyers, auditors) under confidentiality; (b) in connection with a merger, acquisition, or sale of assets, subject to this Policy; and (c) when required by law or to protect rights, property, or safety. We do not sell personal information and do not share it for cross-context behavioral advertising.

• Action and transaction logs. Retained for the duration of your subscription plus 30 days, unless you delete them earlier via the product or contractually agree to a different period.
• Approval decisions and audit log. Retained for seven (7) years to preserve audit integrity, unless a contract specifies otherwise.
• Account data. Retained while your account is active; deleted within 30 days of account closure, except where retention is required by law (e.g., tax records for up to seven years).
• Server and request logs. Retained for up to 90 days, then aggregated or deleted.
• Marketing-email subscriptions. Retained until you unsubscribe.

ifivo uses a small number of cookies and similar technologies:

• Essential. ifivo_session keeps you signed in. Without it the product cannot function.
• Preferences. Local UI preferences (collapsed panels, table column widths) stored in localStorage.
• Analytics (aggregate). First-party, cookie-less product analytics to understand feature usage. No third-party advertising trackers are loaded.

You can reject non-essential cookies without losing core functionality. We do not participate in the IAB TCF framework and we honor Global Privacy Control (GPC) signals as an opt-out of any sharing for cross-context behavioral advertising (we do not engage in such sharing today).

We maintain administrative, technical, and physical safeguards designed to protect personal information. Measures include TLS in transit, encryption at rest for customer data, role-based access controls, key hashing for secrets, quarterly access reviews, and incident-response runbooks. See our Security page for details. No system is perfectly secure; if you believe your account has been compromised, contact security@ifivo.com immediately.

ifivo operates primarily in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States. For transfers from the EEA, the UK, or Switzerland, we rely on the European Commission's Standard Contractual Clauses (and the UK Addendum, where applicable) and implement supplementary technical measures consistent with the EDPB's recommendations.

Depending on where you live, you may have rights to:

• Access, correct, or receive a portable copy of your personal information;
• Delete your personal information, subject to limited exceptions;
• Opt out of the sale or sharing of personal information (we do not sell or share);
• Object to or restrict certain processing, or withdraw consent;
• Appeal a decision we make about your rights request; and
• Lodge a complaint with your local supervisory authority (e.g., your EU data protection authority, the UK ICO, or the California Privacy Protection Agency).

To exercise a right, email privacy@ifivo.com. We will verify your identity and respond within 30 days (or 45 days where permitted, with notice to you). You may designate an authorized agent to act on your behalf; we will require proof of authorization.

If you are an end user or employee of an ifivo customer and your data was placed into ifivo by that customer, please direct your request to that customer. We will assist them in responding.

The Service is not directed to children under 16 and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, contact privacy@ifivo.com and we will delete it.

We may update this Policy from time to time. If we make a material change, we will notify you by email or in-product notice at least 14 days before the change takes effect. The "Last updated" date at the top of this page reflects the most recent revision.

Privacy questions or rights requests: privacy@ifivo.com. Security reports: security@ifivo.com.

Postal: ifivo, Inc., 2810 N Church St, PMB 92822, Wilmington, DE 19802, United States.

EU representative (Art. 27 GDPR) and UK representative: to be designated and listed here upon appointment.