Privacy Policy | Military AI Agent Marketplace

Last updated: May 2026

1. Information We Collect

Account Information

When you register, we collect your name, email address, and a bcrypt-hashed password. OAuth logins (Google, GitHub) provide your name and email from the provider.

Usage Data

When you invoke an agent, we log:

Agent ID and branch
SHA-256 hash of your input (NOT the full prompt text)
SHA-256 hash of the output (NOT the full response text)
Timestamp, compliance flag, and invocation status
Your user ID

We do NOT store full prompts or full responses. Only cryptographic hashes are retained for audit and abuse detection.

PII Redaction

Our middleware actively scans and redacts PII/SPII (SSNs, DoD IDs, phone numbers, emails, credit cards, medical record numbers, VA file numbers, addresses, and IP addresses) from prompts before they reach any inference backend.

2. How We Use Your Information

To provide and maintain your account and subscription
To enforce rate limits and tier entitlements
To detect and prevent abuse
To improve agent quality through aggregate usage metrics (no individual prompt data)

3. Data Sharing

We do NOT sell your data. We share data only with:

Stripe: Email address for payment processing
AWS: Cloud infrastructure provider (server logs, not prompt data)
LLM providers: Prompts (after PII redaction) are sent to inference backends for processing. We do not control provider retention policies for enterprise deployments — consult your deployment configuration.

4. Veteran & Healthcare Agent Data

All Category VII (Veterans), Category VIII (Military Spouses), and Category IX (Military Dependents) agents that handle healthcare-adjacent data are flagged with ZERO_RETENTION_PHI compliance. This means:

No full prompts or responses are stored
PII redaction is enforced before inference
Only cryptographic hashes and metadata are logged

5. Data Retention

Account data: Retained until you delete your account
Invocation logs: Retained for 90 days, then automatically purged
Subscription data: Retained for billing and compliance purposes

6. Your Rights

You may request:

Export of your account and usage data
Deletion of your account and all associated data
Correction of inaccurate account information

Contact privacy@militaryaiagents.com for data requests.

7. Security

We use industry-standard security measures including TLS encryption, bcrypt password hashing, role-based access control, and active PII redaction. See our Trust & Security page for details.

8. Contact

Privacy questions: privacy@militaryaiagents.com