Privacy Policy

Last updated: February 25, 2026

1. General Provisions

This Privacy Policy describes how Shiftic collects, uses, and protects personal data of platform users. By using our service, you agree to the terms of this policy.

2. What Data We Collect

• Account data: email address and hashed password upon registration.
• Usage data: AI agent run logs, tool call statistics, performance analytics.
• Technical data: IP address, browser type, device information for security.
• API keys and secrets: stored encrypted (AES-256-GCM) and inaccessible to our employees.

3. How We Use Data

• Providing platform functionality (including saving chat history for user convenience).
• Authorization and account security.
• Sending service-related notifications (verification codes, alerts).
• Analyzing aggregated statistics to improve the product.

4. Third-Party Data Sharing

We do not sell or share your personal data with third parties, except infrastructure providers (hosting, database) and cases required by applicable law.

5. Data Storage and Protection

All data is stored on secure servers located in the European Union (Germany). We ensure an adequate level of data protection in accordance with applicable legislation. API keys and database connections are encrypted with AES-256-GCM. Passwords are stored exclusively as bcrypt hashes. We use JWT authentication with limited token validity.

6. Your Rights

• Obtain a copy of your personal data.
• Correct inaccurate data.
• Delete your account and all associated data.
• Withdraw consent to data processing.

Contact: support@shiftic.io

7. Cookies

We only use technically necessary cookies — JWT token for authorization. We do not use third-party advertising or analytics cookies.

8. Policy Changes

We may update this policy. For significant changes, we will notify you by email.

9. Contact

For personal data processing inquiries: support@shiftic.io