Effective date: April 14, 2025
LiminaHub Inc. ("LiminaHub", "we", "us", or "our") operates the AgentStudio platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
When you sign up using Google OAuth, we collect your name, email address, and profile picture provided by Google. We do not store your Google account password.
To enable agents to act on your behalf, you may authorise third-party integrations (Gmail, Slack, Notion, etc.). We securely store only the OAuth access tokens and refresh tokens required to perform the actions you authorise. These tokens are encrypted at rest and never shared with third parties beyond what is required to execute your agents.
We collect information about how you interact with agents: queries submitted, tool calls executed, and execution logs. This data is used solely to provide, improve, and debug the AgentStudio service.
Payment details are processed exclusively by Stripe, our certified PCI-DSS Level 1 payment infrastructure provider, and are never stored on our servers in unencrypted form. For publishers who receive revenue through the platform, we store their Stripe Connect account identifier to facilitate automated revenue disbursements. We retain only the billing metadata — transaction IDs, amounts, and timestamps — necessary to manage your subscription and comply with financial regulations.
Publishers who opt to use their own LLM API key for agent inference may submit that key through the platform. These keys are encrypted at rest using AES-256-GCM symmetric encryption prior to being persisted to our database. The encryption key is stored separately in a secure environment and is never co-located with the ciphertext. No LiminaHub employee or system process can access a publisher's LLM API key in plaintext form.
We collect anonymised usage analytics (page views, feature interactions) to understand how the platform is used and improve the product experience.
To authenticate you, execute your agents, manage your account, and provide customer support.
If you use platform-provided LLM inference routing (not Bring-Your-Own-Key), your agent prompts are forwarded to the configured LLM provider. We do not train any AI models on your prompts. LLM provider data handling is governed by their respective privacy policies.
We may send you transactional emails (agent execution receipts, security alerts) and, with your consent, product update newsletters. You can opt out of marketing emails at any time.
To detect and prevent fraud, abuse, and violations of our Terms of Service.
LiminaHub does not sell, rent, or trade your personal information to third parties for their marketing purposes.
When you run an agent published by a third-party on the AgentStudio marketplace, that agent may process the data you provide it (e.g., an email subject line). Publishers are contractually bound by our Publisher Agreement to handle your data responsibly.
We use trusted infrastructure partners (cloud hosting, payment processors, analytics) who are bound by data processing agreements and GDPR-compliant data handling requirements.
We may disclose your information if required by applicable law, court order, or governmental authority.
Retained while your account is active and for 90 days after account deletion, allowing you to restore your account if needed.
Retained for 30 days to support debugging and audits. Custom licensing may allow for altered retention periods.
All transaction records — including Stripe payment data, publisher revenue disbursement records, AgentLicence purchase history, and subscription receipts — are retained for a minimum of 7 years as required by financial regulations and applicable tax law. This retention obligation survives account deletion. After account deletion, personal identifiers are removed where technically feasible, but the financial record itself is preserved in de-identified form for the required statutory period.
You can request a copy of all personal data we hold about you at any time by contacting agentstudio@liminahub.ai.
You can update your profile information directly in your account Settings page.
You can permanently delete your account from the Settings page. This will revoke all integration tokens and remove your personal data within 30 days, subject to legal retention obligations.
If you are a resident of the European Economic Area or California, you have additional rights under GDPR and CCPA respectively, including the right to object to or restrict processing. Contact us at agentstudio@liminahub.ai to exercise these rights.
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. OAuth tokens are stored in an encrypted vault.
Access to production systems and customer data is strictly limited to authorised LiminaHub personnel, and all access is logged and audited.
In the event of a security breach affecting your data, we will notify you within 72 hours as required by applicable law.
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via an in-app notice at least 14 days before the changes take effect. Your continued use of the platform after that date constitutes acceptance of the updated policy.
For any privacy-related questions or to exercise your data rights, please contact us at agentstudio@liminahub.ai or write to: LiminaHub, Legal & Privacy Team, Titanium, Pralhad Nagar, Ahmedabad, Gujarat, 380015, India.
Have questions about this policy? Contact our Privacy Team or review our Terms of Service.
