Effective July 4, 2026
Agent Boss Privacy Policy
Data we process
A demo request includes name, work email, company, job title, company size, use case, language, and consent, with optional phone, message, and limited attribution. Intake data is not stored in D1, and raw IP addresses are not retained.
Purposes and basis
We use the data to respond, prepare the requested demo, protect the intake path from abuse, manage follow-up, and meet legal duties. Processing relies on your consent and requested pre-contract steps where applicable; future capabilities are not represented as effective services.
Processing and location
Demo-request data is stored in Agent Boss PostgreSQL on Wafi compute in Saudi Arabia. Cloudflare provides edge protection, Turnstile, and TLS, and Cloudflare or other processors may handle technical data outside Saudi Arabia; we therefore make no claim of complete Saudi data residency.
Retention and deletion
Abuse, closed records, and abuse-control data are deleted within 30 days; unconverted requests within 180 days; and the converted intake copy within 30 days after transfer to a customer record, unless law requires retention or a documented legal hold applies.
Security and minimization
Controls include least privilege, transport encryption, separated runtime secrets, PII-free admin audit records, and a retention-limited HMAC abuse fingerprint. Request bodies, Turnstile tokens, and raw IP addresses are not written to application logs.
Your rights and contact
You may request access, correction, destruction, or withdrawal of consent where applicable by contacting support@wdeftksa.com. Legal operator: Alayna Electronic Services Office, Kingdom of Saudi Arabia. You may also complain to the Saudi Data and Artificial Intelligence Authority.