Privacy Policy
Effective Date: 2025.12.02
This Privacy Policy describes how Genesis Lab, Inc., trading as Agentria ("Genesis Lab," "we," "us,"
or "our") collects, uses, discloses, and protects your personal information when you use the Agentria
platform and related services (the "Platform"). This Privacy Policy applies to all users of our AI agent
building platform.
Our Contact Information:
Company: Genesis Lab, Inc. (trading as Agentria)
Address: 5F, 73 Myeongdong-gil, Jung-gu, Seoul, Republic of Korea 04538
Website: https://agentria.ai
Privacy Inquiries: support@agentria.ai
Genesis Lab, Inc. is the data controller of your personal information and is responsible for the
processing described in this Privacy Policy.
Table of Contents
Overview and Service Description
Information We Collect
How We Use Your Information
Legal Basis for Processing
How We Share Your Information
International Data Transfers
Data Retention
Security Measures
Cookies and Similar Technologies
Your Privacy Rights
Children's Privacy
Third-Party Services
Changes to This Privacy Policy
Contact Information
Global Compliance Disclaimer
Jurisdiction-Specific Provisions
Agentria is a platform that enables individuals and organizations to build, test, deploy, and share AI agents through our visual design interface. Our platform facilitates the creation of AI-powered workflows without requiring programming experience, and includes the following features:
Visual node-based AI agent creation
Team collaboration and version control
Agent testing and performance evaluation
Data storageDeployment options (cloud APIs)
Community marketplace (planned feature)
Other development and operational support features for AI agent creation
We are committed to protecting your privacy and being transparent about how we collect, use, and share your personal information.
Personal Information Manager:
Name: Lee Young Bok
Title: CEO
Contact: privacy@agentria.ai
We collect personal information in the following categories and circumstances:
Category | Information Collected | Collection Circumstances | Legal Basis |
|---|---|---|---|
Account Registration | Name, email address, password (encrypted), company information (for business accounts) | When you create an account to access the Platform | Contractual necessity |
AI Agent & Content Data | Third-Party Application Authentication Information | During platform and agent usage | Legitimate interest |
Payment & Billing | Billing name and address, payment information (processed by Paddle), purchase history, tax information | For paid service subscriptions | Contractual necessity |
Communication Records | Customer support inquiries, platform messages, event registration data, newsletter subscriptions | When you contact us or participate in communications | Legitimate interest, Consent |
Technical & Usage Data | IP address, browser type, device information, usage patterns, performance metrics, error logs, analytics data (Google Analytics, Microsoft Clarity, | Automatically during platform use | Legitimate interest |
Community & Forum Data | Email address, social login handle, forum posts, profile information | When participating in community features | Legitimate interest, Consent |
Events & Conferences | Name, address, email, phone number, photos/videos (with consent) | Event registration and attendance | Legitimate interest, Consent |
Social Media Engagement | Social media handles, names, email addresses | When engaging with our social media presence | Legitimate interest |
Marketing & Newsletters | Name, email address, marketing preferences | When you opt-in or under legitimate interest | Consent, Legitimate interest |
Important Commitment: We do NOT use any personal data (including data received via third-party services) for developing, improving, or training AI/ML models.
We process your personal information for the following purposes:
3.1 Platform Services
Provide access to Agentria platform features
Enable AI agent creation, testing, and deployment
Facilitate team collaboration and version control
Process payments and manage subscriptions
Provide customer support and technical assistance
3.2 Platform Improvement and Analytics
Analyze platform usage to enhance user experience
Develop new features and capabilities
Optimize performance and reliability
Conduct research and development
Generate aggregate statistics and insights
3.3 Communication and Marketing
Send service-related notifications and updates
Provide newsletters and educational content (with consent)
Announce new features and updates
Facilitate community engagement
Respond to inquiries and support requests
3.4 Security and Compliance
Protect against fraud, abuse, and security threats
Enforce Terms of Service and platform policies
Comply with legal obligations and regulatory requirements
Investigate and respond to legal claims
3.5 Business Operations
Manage business relationships and partnerships
Facilitate business transfers or reorganizations
Maintain business records and audit trails
We process your personal information based on the following legal grounds:
Contractual Performance: To provide services and fulfill contractual obligations
Legitimate Interest: For platform improvement, security, analytics, marketing, and business operations (balanced against your privacy rights)
Consent: For marketing communications, certain analytics, and optional data processing
Legal Compliance: To comply with applicable laws, regulations, and legal obligations
We share your information only in the following limited circumstances:
5.1 Service Providers and Processors
We engage trusted third-party service providers who process data on our behalf:
Cloud hosting and infrastructure: Amazon Web Services (AWS)
Payment processing: Paddle (Merchant of Record)
Analytics and monitoring: Google Analytics, Microsoft Clarity,
Reddit AdsCustomer support tools: Featurebase
Security services: Fraud prevention and security monitoring
Data Processing Arrangements:
Commission Period: Until termination of processing agreements
Safeguards: Standard data processing agreements, security measures, and contractual obligations
5.2 Business Transfers
In the event of merger, acquisition, or sale of assets, your personal information may be transferred to ensure service continuity, with appropriate notice.
5.3 Legal Requirements and Protection
We may disclose information when required by law or to:
Comply with legal processes, court orders, or government requests
Protect rights, property, or safety of Genesis Lab, users, or the public
Prevent fraud, abuse, or violations of our Terms of Service
Respond to emergency situations
5.4 Public Information and Community Features
Information you choose to make public may be visible to:
Other platform users and the general public
Search engines (for public content)
Third parties accessing public APIs
5.5 Aggregate and Anonymized Data
We may share aggregate, anonymized statistics that cannot identify individual users.
6.1 Data Storage Locations
Your data is primarily stored in:
South Korea (AWS Seoul Region)
United States (AWS infrastructure)
6.2 Transfer Safeguards
When transferring personal data internationally, we implement appropriate safeguards:
Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions by relevant data protection authorities
Additional security measures as required by applicable laws
Compliance with local transfer requirements (GDPR, PIPA, etc.)
We retain personal information only as long as necessary for legitimate purposes:
Data Type | Retention Period | Rationale |
|---|---|---|
Account information | While account is active + 7 years after deletion | Contractual and legal obligations |
Payment records | 7 years from last transaction | Tax and accounting legal requirements |
Support communications | 3 years | Customer service and dispute resolution |
Usage analytics (anonymized) | Indefinitely | Product improvement and research |
Agent creation data | While account is active + 30 days after deletion | Service provision and data recovery |
You may request deletion of your account and data at any time through account settings or by contacting privacy@agentria.ai.
We implement comprehensive security measures across multiple domains:
8.1 Technical Safeguards
End-to-end encryption in transit (TLS 1.3) and at rest (AES-256)
Multi-factor authentication options
Regular security assessments and penetration testing
Secure coding practices and code reviews
Network segmentation and access controls
Automated threat detection and monitoring
8.2 Administrative Safeguards
Employee training on data protection and security
Role-based access controls and privilege management
Regular security policy reviews and updates
Incident response procedures and breach notification protocols
Third-party security assessments and audits
Background checks for employees with data access
8.3 Physical Safeguards
Secure data centers with restricted physical access
Environmental controls and monitoring systems
Redundant backup systems and disaster recovery procedures
Secure disposal of physical media and hardware
We use cookies and similar tracking technologies to enhance platform functionality:
9.1 Cookie Categories
Essential Cookies: Required for platform operation and security
Analytics Cookies: Used to understand usage patterns and improve services
Preference Cookies: Remember your settings and preferences
Marketing Cookies: Used for personalized marketing (with consent)
9.2 Third-Party Cookies
Google Analytics: Website and platform usage analytics
Microsoft Clarity: User behavior analytics and feature usage tracking
Reddit Ads: Conversion tracking and ad performance measurement for Reddit advertising campaigns
9.3 Cookie Management
You can control cookie settings through:
Your browser preferences and settings
Our platform's privacy settings (where available)
Direct opt-out links in marketing communications
Note: Disabling essential cookies may limit platform functionality.
Depending on your location and applicable law, you may have the following rights:
10.1 Universal Rights (Available to All Users)
Access: Request information about data we hold about you
Correction: Update inaccurate or incomplete information
Deletion: Request deletion of your personal information
Account Control: Manage your account settings and preferences
10.2 Enhanced Rights (Jurisdiction-Dependent)
Data Portability: Receive your data in a portable format
Processing Restriction: Limit how we process your information
Objection: Object to certain types of processing
Consent Withdrawal: Withdraw previously given consent
Automated Decision-Making: Rights regarding automated processing
10.3 How to Exercise Your Rights
Platform Settings: Use built-in privacy and account management tools
Email Request: Contact privacy@agentria.ai with specific requests
Account Deletion: Delete your account directly through platform settings
We will respond to valid requests within the timeframes required by applicable law (typically 30 days).
Our platform is not intended for children under 13 years of age. However, in certain jurisdictions (e.g., 14 years of age in the Republic of Korea, 13-16 years of age in EU member states), higher age thresholds may apply under applicable laws. We comply with the age requirements established by the laws of each jurisdiction.
We do not knowingly collect personal information from children below the applicable minimum age. If we become aware that we have collected such information, we will:
Delete the information promptly
Suspend the account if necessary
Notify parents or guardians if contact information is available
Parents or guardians who believe their child has provided personal information should contact us immediately at privacy@agentria.ai.
Our platform may integrate with or link to third-party services. This Privacy Policy does not apply to third-party services, which have their own privacy practices. We recommend reviewing the privacy policies of any third-party services you use.
Key third-party integrations include:
Payment processing (Paddle)
Cloud services (AWS)
Analytics providers (Google Analytics, Microsoft Clarity, Rdddit Ads)
Social media platforms (for login or sharing features)
We may update this Privacy Policy to reflect:
Changes in our data processing practices
New features or services
Changes in applicable laws or regulations
Feedback from users or regulators
13.1 Notification Process
For material changes, we will:
Provide at least 30 days advance notice via email
Post prominent notifications on our platform
Update the "Effective Date" at the top of this policy
Maintain previous versions for reference
Continued use of our platform after changes become effective constitutes acceptance of the updated Privacy Policy.
For Privacy Inquiries:
Primary Contact: privacy@agentria.ai
General Support: support@agentria.ai
Personal Information Manager:
Name: Lee Young Bok
Title: CEO
Department: Executive Leadership
Mailing Address: Genesis Lab, Inc. 5F, 73 Myeongdong-gil, Jung-gu Seoul, Republic of Korea 04538
This Privacy Policy is designed to comply with major global privacy regulations including GDPR, CCPA, and Korean PIPA. However:
Limitations and Disclaimers:
Privacy laws vary significantly by jurisdiction and are subject to frequent changes
This policy may not address every requirement of every local privacy law globally
Some jurisdictions may require additional consents, disclosures, or procedures
Where local law conflicts with this policy, local law will prevail
Users are responsible for understanding their local privacy obligations
We provide the flatform that enables you to build, test, deploy, and share AI agents, but do not access, view, or control the content of data you store or how you configure or utilize the agents you createYou are solely responsible for all personal information collected, used, and shared through AI agents you build using our platformYou must obtain necessary consents, provide appropriate privacy notices, and comply with applicable privacy laws for personal information processed by your AI agents
Our Commitment:
We strive to meet or exceed the requirements of major privacy frameworks
We will work to accommodate reasonable requests for additional compliance measures
We continuously monitor changes in privacy laws and update our practices accordingly
We engage with privacy professionals and legal experts to maintain compliance
We are committed to protecting your privacy while providing the platform, but cannot control privacy practices of AI agents built by our users
User Acknowledgment: By using our services, you acknowledge that:
You have read and understood this disclaimer
You accept any limitations in our ability to comply with all local requirements
You will inform us of specific local compliance requirements that may apply to your use
You accept full responsibility for privacy compliance related to AI agents you build, test, deploy, and share using the platformWe are responsible for platform infrastructure security but not liable for privacy violations or personal information handling issues arising from how you configure and deploy your AI agents
The following provisions supplement this Privacy Policy for users in specific jurisdictions:
A. European Union and United Kingdom (GDPR/UK GDPR)
Enhanced Rights under GDPR:
Right to be informed (fulfilled by this Privacy Policy)
Right of access (Article 15) - detailed information about processing
Right to rectification (Article 16) - correction of inaccurate data
Right to erasure (Article 17) - "right to be forgotten"
Right to restrict processing (Article 18) - limitation of processing activities
Right to data portability (Article 20) - transfer data between services
Right to object (Article 21) - object to processing for legitimate interests
Rights related to automated decision making (Article 22)
Legal Basis Specifications:
Contractual performance: Account management, service provision
Legitimate interest: Platform improvement, security, some marketing
Consent: Newsletter subscriptions, optional analytics
Legal obligation: Compliance with EU/UK laws
Data Protection Authority Contacts:
EU residents: Contact your national supervisory authority
UK residents: Information Commissioner's Office (ICO)
Cross-Border Transfer Mechanisms:
Standard Contractual Clauses (SCCs) for transfers outside EEA/UK
Adequacy decisions where available
Additional safeguards as required by competent authorities
Data Protection Officer: Available upon request for matters requiring specialized expertise.
B. United States - California (CCPA/CPRA)
Categories of Personal Information Collected (Last 12 Months):
Identifiers: Name, email address, IP address, unique device identifiers
Internet/Network Activity: Browsing history, search history, interaction with platform
Geolocation Data: Approximate location derived from IP address
Professional/Employment Information: Company details, job-related information
Commercial Information: Purchase history, billing records, payment information
Inferences: Preferences, behavior patterns derived from usage data
California Consumer Rights:
Right to Know: Categories and specific pieces of personal information collected
Right to Delete: Deletion of personal information (with certain exceptions)
Right to Correct: Correction of inaccurate personal information
Right to Opt-Out: Opt out of sale/sharing for cross-context behavioral advertising
Right to Limit Sensitive Information: Limit use of sensitive personal information
Right to Non-Discrimination: Equal service and pricing regardless of privacy choices
Important Clarifications:
We Do Not Sell Personal Information as defined by CCPA
We Do Not Share for Cross-Context Behavioral Advertising without explicit consent
Sensitive Information Processing is limited to disclosed purposes only
Exercise Your Rights:
Online form: Contact Us
Email: privacy@agentria.ai
Authorized Agent Requests: Authorized agents must provide proof of authorization and verify identity through the same process as consumers.
Response Timeframes:
Standard requests: 45 days (extendable by 45 days if complex)
Deletion requests: Processed within 45 days
Opt-out requests: Processed within 15 days
C. South Korea (Personal Information Protection Act - PIPA)
Personal Information Protection Officer:
Name: Lee Young Bok
Title: CEO
Contact: privacy@agentria.ai
Responsibilities: Overall data protection compliance and user rights
Rights under PIPA:
Right to access personal information and processing status
Right to correct or delete inaccurate information
Right to request suspension of processing
Right to receive damages for violations
Right to collective dispute resolution
Cross-Border Transfer Compliance:
Consent obtained for transfers outside Korea (where required)
Adequate protection measures for all international transfers
Regular assessment of destination country protection levels
Data Retention in Compliance with Korean Law:
Personal information: Only as long as necessary for processing purposes
Financial records: 5 years (Electronic Financial Transactions Act)
Communication records: 3 years (Telecommunications Business Act)
Website logs: 3 months (Protection of Communications Secrets Act)
Complaint Procedures:
Primary Contact: privacy@agentria.ai
Regulatory Authority: Personal Information Protection Commission (PIPC)
PIPC Website: privacy.go.kr
PIPC Phone: +82-2-6402-0118
Consignment Arrangements
Consignee: Amazon Web Services (AWS)
Consignment Period: Duration of service agreement
Processing Scope: Email delivery services
Security Measures: Encryption, access controls, monitoring
Supervision: Regular audits and compliance monitoring
D. Canada (PIPEDA and Provincial Laws)
Privacy Rights under PIPEDA:
Right to know what personal information organizations collect, use, and disclose
Right to access personal information held by organizations
Right to challenge accuracy and completeness of information
Right to withdraw consent (with certain limitations)
Right to complain to Privacy Commissioner
Provincial Variations:
Alberta (PIPA): Additional requirements for data breach notification
British Columbia (PIPA): Enhanced consent requirements for certain processing
Quebec (Law 25): Stricter consent and data subject rights similar to GDPR
E. Australia (Privacy Act)
Australian Privacy Principles (APP) Compliance:
Open and transparent management of personal information
Anonymity and pseudonymity options where practicable
Collection limitations and notification requirements
Use and disclosure restrictions
Data quality and security measures
Access and correction rights
Notifiable Data Breaches Scheme: We will comply with notification requirements for eligible data breaches affecting Australian residents.
F. Brazil (Lei Geral de Proteção de Dados - LGPD)
Data Subject Rights under LGPD:
Confirmation and access to personal data
Correction of incomplete, inaccurate or outdated data
Anonymization, blocking or deletion of data
Data portability
Information about data sharing and consent withdrawal
Legal Basis for Processing:
Consent for non-essential processing
Legitimate interest for platform operation and improvement
Contractual performance for service delivery
G. Other Jurisdictions
For users in jurisdictions not specifically addressed above:
We apply the highest privacy standards outlined in this policy
We will make reasonable efforts to accommodate specific local requirements
Users should contact privacy@agentria.ai for jurisdiction-specific questions
We may implement additional measures as required by local laws