Legal

Privacy Policy

Agent Harbor LLC · Last updated: March 2026 · Washington State, USA

The short version — plain language

1. Who We Are

Agent Harbor LLC is a limited liability company registered in Washington State, USA. We sell white-label AI agent infrastructure and managed deployment services to small businesses and marketing agencies.

This Privacy Policy explains how Agent Harbor LLC ("Agent Harbor," "we," "us," or "our") collects, uses, and protects information in connection with our website at agentharbor.agency and the services we provide.

Business address: 3850 Kitsap Way, Ste 104 #1087, Bremerton, WA 98312
Contact: anchor@agentharbor.agency

2. Our Core Privacy Commitment

AI agents deployed through Agent Harbor run on Agent Harbor's private managed infrastructure. This architecture means that data processed by AI agents — including end-user queries, conversation logs, outputs, and any connected data sources — stays on Agent Harbor's private infrastructure and is never transmitted to any third-party AI provider.

Our commitments, stated plainly:

  • We do not train AI models on client data.
  • We do not retain client AI agent data on our systems.
  • We do not sell, share, or rent personal information to third parties.
  • We do not use third-party advertising networks, tracking pixels, or behavioral analytics.
  • Our website uses no cookies.

3. Information We Collect

Website visitors

When you visit agentharbor.agency, we collect minimal information:

  • Contact form submissions: If you submit our contact form, we collect your name, email address, and message content. Contact forms are processed through Web3Forms. Web3Forms' own privacy policy governs their handling of this data.
  • Cookie-free analytics: We may collect aggregated, non-personally identifiable data about page visits, referring sources, and device types for the purpose of improving our website. We do not use cookies, tracking pixels, Google Analytics, Google Tag Manager, or any other third-party analytics service.

We do not collect: IP addresses linked to individuals, browsing history, or any data that would identify you without your explicit submission.

Clients (service subscribers)

When you subscribe to Agent Harbor's services, we collect:

  • Business name, contact name, and email address
  • Billing information (processed by our payment processor — see Section 6)
  • Service configuration preferences and deployment specifications
  • Communications with our support team

What we do NOT collect

  • Data processed by AI agents deployed on client infrastructure
  • End-user data from client-deployed agent conversations
  • Client customer lists, campaign data, or business intelligence
  • Any data flowing through deployed AI agents

4. How We Use Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our services
  • To communicate with clients about their accounts and deployments
  • To process subscription payments and manage billing
  • To respond to contact form inquiries
  • To improve our website using aggregated, non-identifying analytics

We do not use collected information to train AI models. We do not use it for advertising, profiling, or any purpose beyond operating our business and communicating with you about your account.

Legal basis (GDPR): We process personal data under the following legal bases: contract performance (account and billing data necessary to deliver services), legitimate interest (website analytics for site improvement), and consent (contact form submissions).

5. Client AI Agent Data

This section is the most important part of this policy for Agent Harbor clients.

AI agents deployed through Agent Harbor run on Agent Harbor's private infrastructure. Data processed by these agents — including end-user inputs and outputs, conversation logs, connected data sources, and any information provided to the agent during operation — is processed exclusively on our private hardware and never routed through OpenAI, Anthropic, or any shared cloud AI provider.

Agent Harbor does not have access to, collect, store, or process data handled by deployed AI agents, unless explicitly requested by the client for a specific support purpose, and then only for the duration of that support engagement.

We do not train any AI models on client data or on data processed by client-deployed agents. Ever. Under any circumstance.

Clients maintain full control over data retention, deletion, and access policies within their own infrastructure. Agent Harbor does not dictate, limit, or override client data governance decisions.

If clients serve end-users in regulated industries (healthcare, finance, legal, government), the on-premise deployment model means sensitive data never leaves the environment the client controls — simplifying compliance with sector-specific data handling requirements.

6. Data Sharing and Third Parties

We do not sell, rent, or share personal information with third parties for marketing or advertising purposes.

We work with the following third-party service providers, each of which processes only the data necessary to deliver their specific service:

We may disclose information if required by law, court order, or regulatory authority, or to protect the rights, property, or safety of Agent Harbor, our clients, or others.

7. Data Security

We implement commercially reasonable technical and organizational measures to protect the information we hold about you. These include:

  • Encryption of data in transit using TLS 1.3
  • Encryption of data at rest using AES-256
  • Access controls limiting internal access to personal data on a need-to-know basis
  • Regular review of our data handling practices

No method of transmission over the internet or electronic storage is 100% secure. While we apply reasonable measures, we cannot guarantee absolute security of information transmitted to or stored by us.

Client-deployed AI agent infrastructure is secured according to the configuration choices and security practices of the client — Agent Harbor's security measures cover only data within our own systems.

8. Data Retention and Deletion

We retain personal information only for as long as necessary to provide services or as required by law:

  • Account information: Retained for the duration of an active subscription and for a reasonable period after cancellation to resolve any billing questions or disputes (typically 12 months after cancellation).
  • Contact form submissions: Retained until the inquiry is resolved, then deleted or anonymized.
  • Billing records: Retained as required for tax and financial compliance purposes.

You may request deletion of your personal information at any time by contacting us at anchor@agentharbor.agency. We will process deletion requests within 30 days, except where retention is required by law.

Data processed by client-deployed AI agents is under client control. Clients manage retention and deletion of that data according to their own policies.

9. Your Privacy Rights

Rights applicable to all users

  • Right to know what personal information we hold about you
  • Right to request correction of inaccurate information
  • Right to request deletion of your personal information
  • Right to withdraw consent where processing is based on consent

California residents (CCPA / CPRA)

If you are a California resident, you have the following additional rights:

  • Right to know the specific pieces of personal information collected about you
  • Right to request deletion of personal information
  • Right to opt out of the sale of personal information. Agent Harbor does not sell personal information.
  • Right to non-discrimination for exercising your privacy rights
  • Right to correct inaccurate personal information
  • Right to limit use of sensitive personal information

EU / EEA residents (GDPR)

If you are located in the EU or EEA, you have the right to:

  • Access personal information we hold about you
  • Rectify inaccurate personal information
  • Request erasure ("right to be forgotten") where applicable
  • Restrict or object to processing of your personal information
  • Receive your data in a portable format
  • Lodge a complaint with your local data protection supervisory authority

Agent Harbor's on-premise deployment model means client data processed by AI agents does not leave the client's chosen jurisdiction, which is directly relevant to GDPR data transfer requirements.

Washington State residents

Washington State has enacted privacy legislation including the Washington My Health My Data Act (MHMD), which applies to consumer health data. If our services involve health-related data in any context, we will comply with applicable Washington State privacy law requirements.

To exercise any of the rights described above, contact us at anchor@agentharbor.agency. We will respond to verifiable requests within 30 days.

10. Children's Privacy

Agent Harbor's services are designed for businesses and are not directed at individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If we become aware that we have collected personal information from a minor, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For material changes that significantly affect how we handle your personal information, we will notify active clients by email.

Your continued use of our services after any changes constitutes your acceptance of the updated policy.

12. Contact Us

For questions, requests, or concerns about this Privacy Policy or our data practices, please contact us:

Agent Harbor LLC

3850 Kitsap Way, Ste 104 #1087

Bremerton, WA 98312

Email: anchor@agentharbor.agency

Privacy inquiries: anchor@agentharbor.agency

Or use our contact form.

We aim to respond to all privacy-related inquiries within 5 business days.