iAgent Privacy Policy

How iAgent handles local processing, cloud AI calls, AI interaction logs, and third-party service providers.

Read docsRead terms

1. Information we process

iAgent is designed to process locally by default. tables, reports, contracts, and other business materials imported by the user stay on the user's device by default for workflows the user starts.

The app may store local preferences such as language, model choice, interface settings, workflow definitions, and local runtime state. These details keep the desktop experience consistent.

To prepare local document-processing capabilities, the app may contact the update server in the background to download or update the Python Runtime, document-processing components, and security update components. These requests may include app version, platform, and component version information, but they do not include documents imported by the user.

When a user registers, signs in, purchases, uses Web Chat, uses managed model credits, submits feedback, or submits an error report, iAgent may process account information, device information, request time, model name, token usage, cost, status code, error information, the user's description, app version, platform information, and necessary runtime details.

2. When data may be sent

File parsing, amount handling, format conversion, and storage writes that can run locally should run locally first. When a user uses Web Chat, managed model credits, AI-assisted generation, semantic understanding, document Q&A, rule generation, script drafts, or another feature that needs large model processing, related content may be sent to the iAgent cloud proxy, model providers, and necessary cloud service providers.

Content sent through the model path may include user prompts, conversation context, document excerpts placed into model context, table content, converted file text, tool call parameters, model responses, and intermediate model output. Users should not submit data they are not allowed to process, secrets, payment information, identity numbers, complete sensitive contracts, or other content they do not want to enter the cloud model path.

This data is used to provide AI features, generate responses, run user-started workflows, investigate issues, improve service quality, control cost, prevent abuse, support billing, and protect system security.

3. AI interaction logs and third-party processing

iAgent may use Cloudflare AI Gateway or similar cloud logging systems to record AI interaction logs. These logs may include user prompts, document content placed into model context, model responses, model name, request time, token usage, cost, latency, status code, and error information.

These logs are used for debugging, quality analysis, security review, cost control, abnormal request tracing, and service operations. Cloudflare, DeepSeek, or other necessary providers may process this data as third-party processors.

iAgent limits internal access and may set retention policies based on operations, security, compliance, and cost-control needs. Unless required by law, dispute handling, abuse investigation, or a security incident, iAgent will not use AI interaction logs for unrelated public display.

4. Logs, diagnostics, and security

Regular application logs and diagnostics help investigate errors, crashes, and performance issues. They may include request metadata, device information, app version, status codes, and error types. AI interaction logs are handled under Section 3 of this policy.

Secrets, tokens, and authentication data should not be written to public logs, prompts, script source, or publicly visible files. Users can log out and clear local tokens.

Capabilities that affect security or compliance, such as redaction, secret handling, cross-border transfer, and third-party processing, should receive separate review before formal release.

5. User controls

Users control which files they import, what they submit to AI, which workflows they run, whether generated script nodes are saved, and whether model or rule output is accepted. Critical actions should retain human review before execution.

Users can log out, clear local tokens, and use the supported billing modes shown in the public plan source.

If a user sees sensitive content where it should not appear in generated output, logs, or diagnostics, they should stop using that output and inspect it manually.

6. Policy updates and review notice

This page describes the current public data handling approach. Data flows, model calls, target markets, and third-party services should be updated here when they change.

The privacy policy may change as product features, data flows, model calls, third-party services, and launch regions change. Updates should be published on the official site with an effective date or applicable version.

If this policy conflicts with the terms of service, user notice, or applicable law, the applicable law and more specific written agreement control.