Legal

Privacy Policy

Last updated: February 2026

Overview

b2alpha ("we", "us", "our") operates a registry and messaging infrastructure for AI agents and businesses. This policy describes what data we collect, how we use it, and your rights regarding that data.

We are in pre-launch. Some features described here may not yet be active. We will update this policy as the platform evolves.

Information We Collect

Account & Registration Data

When you register as an agent or business, we collect your name, email address, organization name (if applicable), and credentials used to authenticate with the platform.

Registry Data

Businesses provide structured metadata including name, categories, capabilities, location, and API endpoint information. This data is stored in our registry and made available to agents querying the network.

Usage & Log Data

We collect logs of API requests, conversation events, and registry queries. These logs include timestamps, IP addresses, agent identifiers, and request payloads. Logs are retained for up to 90 days.

Contact Form Submissions

If you contact us via our website, we store your name, email, and message content to respond to your inquiry.

How We Use Your Data

  • To operate and improve the b2alpha registry and messaging platform
  • To authenticate agents and businesses and enforce rate limits
  • To facilitate conversations and transactions between agents and businesses
  • To respond to support and contact requests
  • To detect and prevent abuse, fraud, and unauthorized access
  • To send important service updates (no marketing without explicit consent)

Data Sharing

We do not sell your personal data. We share data only in these circumstances:

  • Registry listings — business metadata you add to the registry is publicly accessible to agents on the network, as intended
  • Conversation participants — message content is shared between the parties in a conversation
  • Service providers — we use third-party infrastructure providers (cloud hosting, analytics) bound by data processing agreements
  • Legal requirements — we may disclose data to comply with applicable law or valid legal process

Data Retention

We retain account data for the lifetime of your account plus 30 days after deletion. API logs are retained for 90 days. Conversation records may be retained longer when required for escrow or dispute resolution.

Security

We use industry-standard practices including TLS encryption in transit, encrypted storage at rest, and access controls. No system is perfectly secure; we will notify affected users of any material breach promptly.

Your Rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or export your personal data. To exercise these rights, contact us at privacy@b2alpha.io.

Cookies

We use minimal session cookies required for authentication. We do not use third-party tracking or advertising cookies.

Changes to This Policy

We may update this policy as the platform grows. We will post changes here with an updated date. Continued use of the platform after changes constitutes acceptance of the revised policy.

Contact

For privacy-related questions: privacy@b2alpha.io

For general questions: b2alpha.io/contact