Legal
Privacy Policy
Last updated: 9 May 2026
Agentic-Agents Lab ("we", "us") operates the AgentRent service at code2story.com. This policy describes how we collect and use personal data when you use the website, create an account, subscribe, or use our agents (including Career Scout).
EU / UK users: We process personal data in line with the GDPR and applicable UK data protection law where it applies. You may lodge a complaint with your supervisory authority (Denmark: Datatilsynet).
1. What we collect
Account and identity
- Email address and authentication data when you register or sign in (processed by our auth provider).
- Profile information you choose to add (e.g. name, phone, job preferences inside Career Scout).
Billing
- Subscription status, Stripe customer and subscription identifiers, and related billing fields we store to enforce access (via our database and Stripe).
Agent data you provide
- Career Scout: CV files or text, job criteria, job matches, application drafts, learning logs, and optional Gmail connection data when you enable it.
- Intelligence / BYOK: If you choose server-side key storage, your API key material is encrypted; you can instead keep keys only in your browser.
- Other agent configurations you save to your account (e.g. HR or job-seeker presets).
Technical and security data
- IP address, browser type, device hints, pages viewed, and similar logs for security and reliability.
- Cookies and similar technologies — see our Cookie Policy.
2. Why we use data (purposes)
To provide, secure, and improve AgentRent (authentication, Workbench, agents, and automation you enable).
To process payments and enforce subscription access.
To run Career Scout features you request (scouting, matching, inbox assistance, optional Gmail).
To communicate with you about the service, security, or legal requirements.
To comply with law and defend our rights.
3. Legal bases (GDPR)
Depending on the processing, we rely on: contract (providing the service you asked for), legitimate interests (security, fraud prevention, product improvement), legal obligation, and where required consent (e.g. non-essential cookies — see Cookie Policy).
4. Processors and third parties
We use trusted infrastructure providers (including hosting, database/auth, payments, and email) to run AgentRent. They process data on our instructions. When you use BYOK, your chosen AI provider receives prompts you send according to their terms.
A non-exhaustive list may include: Supabase (auth/database), Stripe (payments), Google (optional Gmail OAuth), and Vercel (hosting). Their privacy policies also apply to how they process data as processors or independent controllers.
5. Retention
We keep data as long as your account is active and as needed for billing, legal, and security purposes. Marketing materials describe shredding agent configuration and learning logs after your rental ends — see in-product notices and terms for the current retention window. You may request deletion subject to legal retention needs.
6. Your rights
Where GDPR (or similar law) applies, you may have rights to access, rectify, erase, restrict, port, or object to certain processing.
Contact privacy@code2story.com. We respond within statutory timelines (typically within one month for GDPR requests, subject to complexity).
7. Security
We use TLS in transit, access controls, and industry-standard practices appropriate to our stage. No method of transmission over the Internet is 100% secure.
8. Contact
Privacy: privacy@code2story.com
General: hello@code2story.com
Operator: Agentic-Agents Lab — AgentRent, Copenhagen, Denmark
This policy is provided for transparency. It is not legal advice. For product help, see Contact.