What security and authentication mechanisms are described?
AGI describes use of session cookies / cookie‑based authentication, role‑based and restricted access controls for authorized personnel, and internal audit logging for sensitive access.
How does AGI, Inc. handle payment processing and payment data?
AGI uses third‑party payment processors (e.g., Stripe) and partners such as Visa to enable single‑use payment tokens; AGI states it does not store payment card details.
What data retention practices are described?
AGI states personal data is retained only as long as necessary for described purposes, with usage data retained for shorter periods except where retained for security improvement or legal obligations; data may be retained to meet legal obligations, resolve disputes, and enforce agreements.
Which privacy and regulatory frameworks does AGI reference?
AGI references GDPR, CCPA, PCI‑DSS (for payment processors), Google API Services User Data Policy (Limited Use), and mentions REAL Bench and open agentic protocols for standards.
Which regions and languages are noted in AGI's localization information?
AGI's localization notes language as English and regions including the European Economic Area (EEA), California (USA), and global/cross‑jurisdictional processing.
What governance artifacts and policies does AGI maintain?
AGI maintains a Privacy Policy, Terms of Service, and tracking/cookies information as described in its Privacy Policy, and references audits and internal logging practices.
What audits and security reviews are mentioned?
The company reports internal audit logging of access to sensitive Google user data and regular security reviews of information collection, storage, and processing practices.
Does AGI, Inc. list industry or legal considerations for deployments?
Yes; the research input lists legal considerations including data processing legal bases, cross‑border transfer mechanisms, intellectual property and open‑source obligations, contract terms (SLAs, liability caps), privacy and security obligations, and the need for records and audit trails.
What sensitivity and safety considerations does AGI highlight?
AGI highlights concerns about personal data and PII exposure, special category/sensitive data (health, biometrics, etc.), children's data, high‑risk/safety‑critical use cases, bias/fairness, content safety, dual‑use/national security concerns, and accessibility/localization requirements.
What operational security and compliance standards does AGI recommend implementing?
AGI's input suggests implementing privacy impact assessments/DPIAs, adopting security/privacy standards (SOC 2, ISO 27001), encryption in transit/at rest, role‑based access and least privilege, incident response, vendor due diligence, and publishing transparency artifacts.
Where can I find AGI's transparency artifacts, model cards, or audit reports?
AGI publishes a privacy policy, terms of service, blog posts, and links to papers and reproducible artifacts; for specific model cards, third‑party audit reports, or governance documents, contact the company directly.
Can AGI support deployments in regulated industries like healthcare or finance?
AGI supports enterprise controls and privacy‑preserving practices, but regulated deployments (HIPAA, FINRA/SEC, etc.) require additional contractual, technical, and compliance measures that should be evaluated with AGI’s sales and legal teams.
Does AGI offer private deployments or on‑prem/offline options for sensitive environments?
AGI primarily offers fully hosted agents with a built‑in remote VM for browser automation, but enterprise customers can contact sales to discuss dedicated instances, private deployment options, or contractual data‑residency arrangements.