ActionGate Privacy Policy

What we collect

ActionGate processes transaction metadata submitted by agents for safety scoring. This includes action types, amounts, network identifiers, asset symbols, and actor identifiers provided in API requests. We also collect standard HTTP metadata (IP addresses, request timestamps) for rate limiting and abuse prevention.

What we do not collect

ActionGate does not collect, store, or process private keys, seed phrases, wallet contents, or full raw request payloads for analytics. When enabled, our public pages may use PostHog to capture pseudonymous product analytics such as page views, CTA clicks, and code-copy interactions so we can understand how the service is being used.

Data retention

Request metadata and usage analytics are retained for 30 days for operational and debugging purposes. Settlement records for x402 payments are retained for 90 days to support reconciliation. After these periods, data is automatically purged.

Third-party sharing

ActionGate does not sell or rent your data. Limited transaction data may be sent to GoPlus (address reputation lookups), Tenderly (transaction simulation), and Coinbase CDP (x402 payment verification) solely to fulfill API requests. When browser analytics are enabled, limited pseudonymous event data from our public pages is also sent to PostHog for product analytics. Each service receives only the minimum data required to perform its function.

Contact

For privacy-related inquiries, reach us at privacy@actiongate.xyz or open an issue on our GitHub repository.