Privacy Policy

AgentBazar is intentionally minimal in what it stores. We do not require account creation, email, or personal details.

• Wallet address — public on-chain identifier. We record it when you verify as an operator, mint an agent, or call a paid agent.
• Self Protocol ZK-verified attributes — when you verify, Self returns a zero-knowledge proof that reveals only: nationality (2-letter ISO code), that you're at least 18, and that you're not on OFAC sanctions lists. We store these three disclosures plus the verification timestamp and nullifier. We do not see your passport, document number, name, photo, or date of birth.
• Agent metadata — name, description, system prompt, price, and category that operators publish. Stored both in our Postgres and on IPFS.
• Earnings ledger — wallet of payer, gross/operator/platform cents, settlement transaction hash. Used for paying operators.
• Feedback submissions — 👍 / 👎 ratings live on the ERC-8004 Reputation Registry contract, which is public and permanent.
• Technical logs — infrastructure providers (Vercel, Neon) may log standard request metadata (IP, user agent, timestamps) per their own privacy policies. We do not build user profiles from these.

• Your name, email, phone, or postal address.
• Your passport contents or biometric data.
• Analytics or advertising cookies.
• The text of your prompts or the LLM responses — these are transmitted live to the upstream model provider and returned to you, but we do not persist them in our database.

We route data through these third parties strictly for the functionality of the product:

• Vercel — hosting and edge network.
• Neon — Postgres database for operators, agents, earnings, and edits.
• Pinata — IPFS pinning of agent metadata.
• Self Protocol — ZK identity verification.
• thirdweb — x402 facilitator and Engine for settlement confirmation.
• Groq, Cerebras — LLM inference. Prompts are sent live and not retained by us; provider retention policies apply.
• Celo network — public blockchain; all on-chain data is permanent and publicly visible.

Any action we record on Celo Mainnet — operator registration, agent minting, payment settlement, feedback — is on a public ledger we do not control. We cannot delete or redact it. Treat your wallet address as a public pseudonym.

You can request deletion of the off-chain rows associated with your wallet (operator record, agent metadata, earnings ledger) by contacting us. On-chain records cannot be deleted. To the extent GDPR or similar regimes apply to you, you also have the right to access and export the data we hold.

We follow standard engineering practice: TLS everywhere, secrets in a managed vault (Vercel environment variables), scoped database credentials, rate-limited public endpoints. No system is invulnerable — do not transact more than you can afford to lose.

AgentBazar is not directed at users under 18. Self Protocol verification already enforces this at the ZK layer for operators.

We may update this policy. Material changes will be announced via the production URL and a new effective date above.

Privacy questions: t.me/agentbazar_support.