Privacy Policy
Trusty Squire is a credential broker: it provisions SaaS accounts on your behalf and stores the resulting API keys and secrets in an encrypted vault, so your AI agent can use them without ever holding the raw values. This policy explains what we collect, how the vault works, and the control you have over your data.
The short version
- Your stored credentials are encrypted at rest, and the vault is a write-only sink: the agent (and we) cannot read a raw secret back out. Secrets are injected server-side only when you explicitly use them.
- We do not sell your data, and we do not read your stored secrets.
- You can permanently delete everything at any time.
What we collect
- Account identity. The email and provider id from the Google or GitHub account you sign in with, so your install is bound to your account.
- Credentials you ask us to vault. The API keys, tokens, and login secrets you store. These are encrypted with envelope encryption; the plaintext is never returned to the agent and never written to a log.
- Audit metadata. A record of which credential was stored, retrieved, rotated, or proxied, and when — with no secret values. This is the “who touched my keys” trail you can read back.
- Operational data. Machine/session tokens that authenticate your install, and minimal request logs (method, path, status — never headers, bodies, or secrets).
Email verification reads your own inbox
When a signup needs an email verification code, the operator reads it from your own signed-in inbox, in your own browser session, behind a just-in-time consent gate you approve per session. We do not mint email aliases for you and we do not store your inbox contents.
How the vault protects your secrets
Every credential is sealed under a per-credential key, which is itself wrapped by a master key held in our infrastructure and never exposed to the application. A secret is only ever decrypted server-side, at the moment you make an authenticated request through the injecting proxy, and the raw value is returned only to the upstream provider, never to the agent, the audit log, or you. If you need your own plaintext, you read it from the web vault.
Third parties
- Hosting — our API and database run on Fly.io.
- The services you provision — when you ask Trusty Squire to sign you up for a service, that account and its data are governed by that service’s privacy policy and terms.
- We don’t sell or share your data with advertisers or data brokers.
Retention & your rights
You can permanently erase all of your data — credentials and the audit trail — from the web vault at any time. Operational logs and audit events are retained on a rolling window and then deleted automatically.
Contact
Questions or a data request? Email privacy@trustysquire.ai.