Skip to main content
Actsurance
How It WorksFeaturesPricingUse CasesWhy ActsuranceBlogDocs
Get Early Access
Actsurance
Request Access
Back to Home
Legal
Effective May 11, 2026

Actsurance Privacy Policy

Effective Date: May 11, 2026

At Actsurance, our core philosophy is "Trust the action, not the agent." We believe in mathematical certainty and verifiable security. This commitment to security extends entirely to how we handle your data.

This Privacy Policy explains how Actsurance ("we," "our," or "us") collects, uses, and protects your information when you use our authority control plane, website, and related services (collectively, the "Services").


1. The Data We Process (And What We Don't)

As a security gateway for AI agents, our primary function is to validate intents and generate cryptographic receipts. We are designed for data minimization.

Information You Provide to Us

  • Account Information: Name, work email address, company name, and billing details required to maintain your account.
  • Policy Configurations: The rules, permissions, and guardrails you configure within our platform to govern your AI agents.
  • Communication Data: Information you provide when requesting support or participating in our private rollouts.

Information We Process from Your Agents

When your AI agent attempts a tool call through Actsurance, we process the payload to validate it against your policies.

  • Audit Log Metadata: We store cryptographic hashes (receipts), timestamps, and success/failure states of agent actions.
  • Payload Ephemerality: We do not permanently store the underlying sensitive data (e.g., PHI, PCI data) contained within the tool call. We compute the cryptographic proof, log the metadata, and discard the sensitive payload.

Information Collected Automatically

  • Usage Data: IP addresses, browser types, and platform interactions used strictly for security monitoring and platform optimization.
  • Cookies: Essential cookies required for authentication and security. We do not use third-party tracking cookies for advertising purposes.

2. How We Use Your Data

We process your data strictly to provide and secure our Services. The legal bases for this processing (under GDPR) are Contract Performance, Legal Compliance, and our Legitimate Interest in maintaining platform security.

  • To Provide the Service: Authenticating your access, enforcing your agent policies, and generating cryptographic receipts.
  • To Maintain Security: Detecting anomalies, preventing unauthorized access, and defending against abuse.
  • To Communicate: Sending critical system updates, security alerts, and billing information.

3. Data Sharing and Subprocessors

We do not sell your personal data. We only share data with trusted subprocessors strictly necessary to operate our infrastructure (e.g., secure cloud hosting providers, payment processors). All subprocessors are bound by strict Data Processing Agreements (DPAs) that mandate enterprise-grade security.


4. Data Retention

We retain your account information for as long as your account is active.

  • Cryptographic Receipts: Retained according to the tier of your plan to support your enterprise audit requirements.
  • System Logs: Retained for 90 days for security monitoring before being permanently deleted.

If you terminate your account, we will delete your personal data within 30 days, except where retention is required for legal compliance.


5. Your Rights and Choices

Depending on your location, you possess specific rights regarding your personal data.

GDPR Rights (EU/UK Residents)

  • Access & Portability: Request a copy of your data in a structured format.
  • Rectification: Correct inaccurate information.
  • Erasure (Right to be Forgotten): Request deletion of your personal data.
  • Restriction & Objection: Limit or object to certain processing activities.

CCPA Rights (California Residents)

  • Right to Know: Request disclosure of data collection practices.
  • Right to Delete: Request deletion of personal information.
  • Right to Non-Discrimination: Receive equal service regardless of privacy choices.
  • Note: Actsurance does not "sell" or "share" personal information as defined by the CCPA.

To exercise any of these rights, please contact our Data Protection Officer at privacy@qualixofficial.com. We will respond to all authenticated requests within 30 days.


6. International Data Transfers

Actsurance operates globally. When we transfer data originating from the European Economic Area (EEA) to countries without an adequacy decision, we rely on standard contractual clauses (SCCs) and robust encryption to ensure your data remains protected.


7. Security

We apply the same zero-trust principles to our internal infrastructure that we provide to our customers. All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access to production systems requires strict multi-factor authentication and is restricted to authorized personnel on a least-privilege basis.


8. Updates to This Policy

We may update this Privacy Policy as our platform evolves or regulations change. We will notify you of material changes via email or a prominent notice within the Actsurance dashboard.

Contact Us: For any questions regarding this policy, contact privacy@qualixofficial.com.

Actsurance

Trust the action, not the agent.

Actsurance is the authority control plane for AI agents, enforcing what they're allowed to do and proving every action with cryptographic receipts.

actsurance@qualixofficial.com

Something isn't working?
support@qualixofficial.com

Resources

  • Engineering Insights
  • Pilot Access

Legal

  • Privacy Policy
  • Terms of Service
  • Cookie Policy

© 2026 Actsurance. All rights reserved.