Privacy Policy

1. Introduction

Agentic Execution ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you use our investment operations automation platform (the "Service"). By using the Service, you agree to the practices described in this policy.

2. Information We Collect

2.1 Account Information

When you register, we collect your name, email address, organisation name, and password (hashed and never stored in plain text).

2.2 Financial Documents & Extracted Data

To provide the Service, we process financial documents you connect or upload, including fund statements, trade confirmations, and subscription documents. The content of these documents (positions, amounts, transaction details) is stored to power reconciliation, reporting, and export features.

2.3 Email Integration Data

If you connect a Gmail account, we access email metadata (sender, subject, attachments) for the purpose of identifying and retrieving fund documents. We use Google OAuth and do not store your Gmail password. You may revoke access at any time through your Google account settings.

2.4 Usage Data

We collect usage logs, error reports, and performance metrics to improve the Service. This includes information about features used, processing times, and error rates. This data is anonymised where possible.

2.5 Cookies & Local Storage

We use browser local storage to maintain your session and user preferences. We do not use third-party advertising cookies.

3. How We Use Your Information

• To provide, operate, and improve the Service
• To process and extract data from your financial documents
• To run reconciliation, generate exports, and deliver scheduled files
• To send transactional emails (account setup, alerts, processing notifications)
• To diagnose technical problems and analyse usage patterns for product improvement
• To comply with legal obligations and regulatory requirements

We do not use your financial documents or extracted data to train general AI models, or sell or licence your data to any third party.

4. AI Processing & Third-Party Models

The Service uses large language models (including Google Gemini) to classify and extract data from documents. Documents are transmitted to these APIs over encrypted connections solely for the purpose of extraction. We configure these APIs with data retention settings that minimise storage of your documents by AI providers. You acknowledge that use of the Service involves processing by these AI services, which have their own data policies.

5. Data Storage & Security

Your data is stored on secure cloud infrastructure (AWS). We implement industry-standard security measures including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256)
• Role-based access controls — only authorised personnel can access production data
• Regular security reviews and vulnerability assessments
• Audit logging of all data access and modifications

No security system is impenetrable. If a breach occurs that affects your data, we will notify you within 72 hours of discovery as required by applicable law.

6. Data Retention

We retain your account data and financial documents for as long as your account is active. Upon account termination, we will make your data available for export for 30 days, after which it will be permanently deleted from our systems. Usage logs and anonymised analytics data may be retained for up to 3 years for product improvement purposes.

7. Data Sharing

We do not sell your data. We share your data only with:

• Service providers necessary to operate the Service (cloud hosting, AI APIs, email delivery) — bound by confidentiality agreements
• Your configured export destinations (FTP servers, third-party OMS) that you explicitly authorise
• Legal authorities if required by applicable law, court order, or regulatory demand

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access a copy of personal data we hold about you
• Correct inaccurate personal data
• Request deletion of your personal data
• Object to or restrict processing of your data
• Receive your data in a portable format

To exercise these rights, contact us at hello@agentic-execution.com. We will respond within 30 days.

9. International Transfers

Our infrastructure is primarily located in the Asia-Pacific region (AWS ap-southeast-1). If you access the Service from outside this region, your data may be transferred internationally. We ensure such transfers are protected by appropriate safeguards in line with applicable data protection law.

10. Children's Privacy

The Service is not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by email or in-app notice at least 14 days before material changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact Us

For privacy questions, data requests, or to report a concern, please contact us at: