Privacy Policy

Last updated: May 27, 2026

This policy describes what Vertex collects when you use the product, how that data is stored, and the controls you have over it. We try to be specific rather than generic — if something below is unclear or out of date, email support@vertex.com.

1. What we collect

  • Account data. The email and name returned by your OAuth provider (Google) during sign-in, plus any workspace name and slug you set.
  • Provider credentials you vault. When you store a Stripe, Cloudflare, Supabase, or custom HTTPS credential through Vertex, the secret is encrypted in Supabase Vault (pg_sodium-backed). Vertex retains a SHA-256 hash, a short prefix (first ~14 chars), and the last 4 chars for display purposes. The raw value is never available to our application code — it's pulled into the Rust proxy at request time and zeroized after the swap.
  • Audit telemetry. Every routed agent call writes a row containing the destination host, HTTP status, reason code, and a hash of the request body. For forensic incident review we also capture a small metadata slice: the request path and HTTP method, a fixed safelist of non-sensitive headers (content-type, accept, user-agent, content-length), and a redacted summary of MCP tool calls — the tool name plus argument keys and value shapes only. Secrets and string values are masked before anything is written, so we still do not store full request payloads, response bodies, or provider response data — only the redacted keys-and-shape summary, never raw contents. Audit rows are subject to your plan's retention window (7d Free, 30d Developer, 365d Business) after which a daily cron reaps them.
  • Pilot conversation history. Messages you type to Pilot, the workspace snapshots Pilot reads to answer, and Pilot's responses are stored in your workspace's row-level-security-scoped tables. Uploaded credential files are parsed server-side and the raw values are cached in Upstash Redis for 10 minutes only — Pilot itself sees only fingerprints (prefix, last4, key kind), never the secret. Conversations age out on the same plan retention schedule as audit telemetry.
  • Billing data. Polar (our payments processor) handles card details and tax info directly. Vertex receives only a customer ID and subscription state.

2. What we do not collect

  • The plaintext of any provider credential after it's vaulted.
  • Full request bodies or response bodies of agent calls. (We keep only a redacted forensic summary of MCP tool calls — tool name plus argument keys and value shapes, with secrets and string values masked — never the raw payload or response.)
  • Cross-customer analytics, fingerprints, ad pixels, or third-party trackers.

3. How we use it

Account and workspace data drives the product surface. Vaulted credentials are used only when your agent's keychain authorizes a routed call. Audit telemetry is shown to you, used by Pilot to answer your questions, and reaped after retention. Billing data is used to charge for paid plans.

4. Sharing

We share data only with the subprocessors required to deliver the product:

  • Supabase — Postgres host, vault, auth.
  • Vercel — application + serverless runtime.
  • Upstash — Redis (rate limiting, session policy cache, Pilot attachments).
  • Polar — billing.
  • Resend — transactional email.
  • Google AI (Gemini API) — Pilot's LLM provider.

Pilot's outbound requests to Gemini contain only fingerprints + workspace state — never your provider credentials.

5. Your controls

  • Revoke a keychain instantly from the dashboard.
  • Edit or rotate any stored provider credential.
  • Archive any Pilot conversation.
  • Delete your entire workspace — owner-only, cascades through every workspace-scoped table — from the BillingPanel danger zone.
  • Request account-level data export or deletion: email support@vertex.com.

6. Security

Workspace data is row-level-security scoped — a user can only read rows belonging to workspaces they're a member of. Provider credentials are encrypted at rest. Outbound requests from the proxy use ES256 JWT validation, no-redirect-following, body size caps, and per-keychain spend ceilings. Webhook deliveries are HMAC-SHA256 signed.

7. Contact

Privacy questions: support@vertex.com. Security disclosure: support@vertex.com.