Legal

Privacy Policy

Effective date: 22 March 2026 · Last updated: 22 March 2026

This Privacy Policy explains how Black Salt Kft. (“we”, “us”, or “our”), operating the AgentHeaven service at agentheaven.ai, collects, uses, stores, and protects your personal information when you use our website or subscribe to our managed AI agent service.

We are committed to handling your personal data responsibly and in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) where applicable.

The short version: We collect your name, email address, phone number, and billing address when you sign up. We use this information solely to process your subscription, send you invoices, and contact you about your service or relevant updates. We do not sell your data. Ever.

1. Who We Are

Data Controller: Black Salt Kft.
Trading as: AgentHeaven (agentheaven.ai)
Registered address: 1077 Budapest, Baross tér 14, Hungary
Company registration number: 01 09 450602
VAT number: HU13853619
Website: agentheaven.ai
Contact: info@agentheaven.ai

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at the email address above.

2. What Personal Data We Collect

We collect the following categories of personal information when you sign up for our service or contact us:

Data Category	Specific Data	Why We Collect It
Identity	Full name, business name	Account identification and billing
Contact	Email address, phone number	Service communication, support, marketing updates
Address	Billing address (street, city, postcode, country)	Invoice generation and legal billing requirements
Financial	Payment method details (processed by our payment provider)	Processing your monthly subscription payment
Usage	Onboarding notes, brand voice preferences	Configuring and improving your AI agent
Account Access	Social media account credentials or OAuth access tokens (Instagram, Facebook)	Operating the AI agent on your behalf; revoked and deleted on cancellation

We do not collect sensitive personal data such as health information, political opinions, or biometric data.

3. How We Use Your Personal Data

We use your personal data for the following purposes:

Service delivery — Setting up, configuring, and managing your AI agent on your behalf.
Billing and invoicing — Processing your monthly subscription payments and issuing invoices. Your billing address and name are required for legally compliant invoicing.
Customer support — Contacting you to resolve technical issues, answer questions, or communicate changes to your service.
Marketing communications — Sending you information about new features, service updates, tips, or relevant offers related to AgentHeaven. You may opt out at any time (see Section 7).
Legal and compliance — Meeting our legal obligations, such as retaining invoices for tax purposes.

4. Legal Basis for Processing (GDPR)

Under the GDPR, we rely on the following legal bases to process your personal data:

Purpose	Legal Basis
Providing the subscribed service	Performance of a contract (Art. 6(1)(b))
Billing and invoicing	Legal obligation (Art. 6(1)(c))
Customer support	Performance of a contract (Art. 6(1)(b))
Marketing communications to existing subscribers	Legitimate interests (Art. 6(1)(f)) — we have conducted a Legitimate Interests Assessment, available on request
Marketing communications to waitlist sign-ups	Consent (Art. 6(1)(a)) — by submitting your email you consent to being contacted about the service

5. How Long We Keep Your Data

We retain your personal data only for as long as necessary:

Active subscribers: For the duration of your subscription plus 90 days afterwards for support and dispute resolution purposes, after which personal data is deleted or anonymised.
Billing records: We are required to retain invoices and payment records for a minimum of 7 years to comply with tax and accounting regulations.
Marketing contact data: Until you unsubscribe or request deletion, whichever comes first.
Waitlist sign-ups: Up to 12 months, or until we contact you and you either subscribe or ask to be removed.

6. Who We Share Your Data With

We do not sell, rent, or trade your personal data. We may share it with the following trusted third-party service providers solely to operate our business:

Payment processors — To handle subscription billing securely (e.g., Stripe). Your payment card details are processed directly by our payment provider and are never stored on our servers.
AI model provider (Anthropic) — The AI agent uses Anthropic’s Claude API to generate post content and reply drafts. Your brand information and, where necessary, message context may be processed by Anthropic’s systems. Anthropic is based in the United States; data transfers are covered by Standard Contractual Clauses and Anthropic’s Data Processing Agreement. See Section 11 for international transfer details.
Email and communication tools — To send invoices, support replies, and marketing emails.
Cloud infrastructure providers — Servers that host the AgentHeaven service (e.g., Hetzner, based in the EEA). Your data is stored in secure, access-controlled environments.

All third-party providers are required to handle your data in accordance with applicable data protection law and our instructions. A full list of subprocessors is available on request at info@agentheaven.ai.

We may also disclose your data where required by law, court order, or to protect our legal rights.

7. Your Rights

If you are located in the European Economic Area (EEA) or the UK, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Ask us to correct inaccurate or incomplete data.

Right to Erasure

Request deletion of your data where we no longer have a legal basis to hold it.

Right to Restriction

Ask us to limit how we use your data in certain circumstances.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests, including direct marketing.

To exercise any of these rights, contact us at info@agentheaven.ai. We will respond within 30 days. In some cases we may ask you to verify your identity before fulfilling your request.

You also have the right to lodge a complaint with your local data protection supervisory authority at any time.

8. Marketing Communications & Opt-Out

By subscribing to AgentHeaven or joining our waitlist, you agree to receive service-related emails (invoices, onboarding information, support updates). These are essential to your subscription and cannot be opted out of while your account is active.

For optional marketing communications (new features, tips, promotional offers), you may opt out at any time by:

Clicking the “Unsubscribe” link at the bottom of any marketing email, or
Emailing us at info@agentheaven.ai with the subject line “Unsubscribe”.

We will action all opt-out requests within 5 business days.

9. Cookies and Third-Party Resources

Our website uses only essential cookies necessary for basic functionality (such as remembering your language preference). We do not use advertising cookies, third-party tracking cookies, or analytics services that collect personal data without your knowledge.

Our website loads fonts from Google Fonts (fonts.googleapis.com). When your browser requests these fonts, your IP address is transmitted to Google’s servers in the United States. This is a functional resource used to display the website correctly. If you prefer to prevent this transfer, you can block fonts.googleapis.com in your browser or use a browser extension that blocks third-party requests.

You can control cookies through your browser settings. Disabling cookies may affect some functionality of the website.

10. Data Security

We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or misuse, including:

Encrypted storage of credentials and sensitive data
Restricted access to personal data on a need-to-know basis
Use of reputable, security-certified infrastructure providers

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority as required by law.

11. International Transfers

Your personal data is primarily processed and stored within the European Economic Area (EEA). We use the following service providers that may process data outside the EEA:

Anthropic (USA) — AI model provider. Transfers are covered by Standard Contractual Clauses (SCCs) under GDPR Art. 46(2)(c) and Anthropic’s Data Processing Agreement.
Google (USA) — Font delivery via Google Fonts CDN. Your IP address may be transmitted when loading the website. See Section 9.

Where we transfer personal data outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR Chapter V. You may request a copy of the relevant transfer safeguards by contacting us at info@agentheaven.ai.

12. Children’s Privacy

AgentHeaven is a business service intended for adults (18+). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we do, we will update the “Last updated” date at the top of this page. For significant changes, we will notify active subscribers by email.

Continued use of our service after changes are posted constitutes your acceptance of the updated policy.

14. Contact Us

For any questions, requests, or concerns about this Privacy Policy or your personal data, please contact us:

Black Salt Kft. (trading as AgentHeaven)

1077 Budapest, Baross tér 14, Hungary

Company registration: 01 09 450602 · VAT: HU13853619

Email: info@agentheaven.ai

Website: agentheaven.ai

This policy was last reviewed on 22 March 2026. AgentHeaven reserves the right to update this document at any time. The current version is always available at agentheaven.ai/privacy.