Privacy Policy
Effective Date: May 17, 2026
Libramen, Inc., a Delaware corporation ("Libramen", "we", "us", or "our"), provides agentic commerce infrastructure that lets businesses publish product catalogs, pricing, availability, and constraints to AI agents acting on behalf of buyers. This Privacy Policy explains what personal information we collect, how we use it, how we share it, and the rights people may have over it.
This policy applies to:
- Operators - businesses and team members who register a Libramen account and configure an organisation.
- End buyers - people whose AI agents transact with an Operator's business through Libramen.
- Agent owners - third parties operating AI agents, gateways, or other automated systems that interact with Libramen.
All AI agents that interact with Libramen are operated by third parties. Libramen does not operate first-party buyer agents.
1. Who Controls Personal Information
For Operator account administration, Service security, platform analytics, and our own business operations, Libramen, Inc. acts as an independent controller of personal information.
Controller contact:
- Libramen, Inc.
- 1111B S Governors Ave # 49139
- Dover, DE 19904
- United States
- Email: founders@libramen.ai
For personal information processed on behalf of an Operator to configure that Operator's business, evaluate transactions, manage bookings, send receipts, or support the Operator's customers, Libramen generally acts as the Operator's service provider or processor. Operators remain responsible for their own notices, lawful bases, customer communications, fulfilment, and compliance obligations.
If you are an end buyer and your data reached Libramen through an Operator or a third-party agent, we may need to route your request to the relevant Operator or verify the transaction before acting on it.
2. Information We Collect
Account information (Operators). Email address, display name, password hash, authentication metadata, role, organisation memberships, and account status. If you sign in with Google, we receive Google account identifiers through OAuth.
Organisation and business data (Operators). Organisation name, business details, location and service area, product catalogs, pricing rules, availability configurations, constraint logic, documents you upload, and other operational configuration.
Third-party integration credentials (Operators). When you connect an external integration, we store credentials needed to operate it, such as Google Calendar OAuth tokens, iCal feed URLs, Custom API keys, webhook paths, and webhook signing secrets. Sensitive credentials are encrypted at rest.
Payment configuration (Operators). Payment provider settings, Stripe account identifiers, blockchain wallet addresses, restricted Stripe API keys, webhook signing secrets, and stablecoin fee-payer configuration where you choose to provide it. Sensitive payment fields are encrypted at rest. We do not store full card numbers; card data is handled by Stripe or the relevant payment provider.
Agent analytics. Agent visit timestamps and frequency, user-agent and IP-derived metadata, tool calls made by agents, transaction evaluations, negotiation traces, payment and settlement status, hashed agent key identifiers, and activity logs. We redact sensitive tool parameters before storing analytics where supported by the Service.
End-buyer and transaction data. When an agent transacts on behalf of a buyer, we may process buyer-identifying information needed to complete or support the transaction, commonly an email address for receipts, transaction references, receipt content, payment status, booking details, fulfilment metadata, mandate status, dispute or chargeback context, and audit logs. Buyer email and receipt content are encrypted at rest.
AI processing inputs and outputs. Messages, documents, summaries, extracted structures, tool outputs, and related context sent through the chat agent or knowledge pipeline may be processed by a third-party LLM provider. Document embeddings used for retrieval are generated locally using local embedding models and are not sent to the LLM provider.
Blockchain transaction data. If an Operator accepts payment through a blockchain rail, transaction data such as wallet addresses, transaction hashes, amounts, timestamps, and network identifiers may be permanently and publicly visible on-chain. We cannot delete public blockchain records.
Technical and security data. IP addresses, browser and device information, request metadata, session identifiers, cookie identifiers, rate-limit records, server logs, error reports, security events, and diagnostic data.
Local device storage. The client application may use browser local storage for preferences, cached setup context, graph layout preferences, chat session restoration, theme settings, and similar product functionality.
Communications. Emails, support requests, security reports, feedback, and other messages you send to us.
3. Sources of Information
We collect information:
- Directly from Operators and their team members;
- From third-party agents, gateways, and MCP clients that interact with an Operator's published business;
- From payment providers, integration providers, OAuth providers, webhook senders, and blockchain networks;
- Automatically from browsers, devices, servers, logs, and security systems;
- From other users or administrators within the same organisation.
4. How We Use Information
| Purpose | Examples | Typical legal basis where GDPR/UK GDPR applies |
|---|---|---|
| Provide and maintain the Service | Authentication, account administration, storage, APIs, MCP transport, document processing, knowledge graph operations | Contract; legitimate interests |
| Configure and operate Operator businesses | Catalog, pricing, availability, constraints, integrations, bookings, receipts | Contract; legitimate interests; Operator's lawful basis where we act as processor |
| Process transactions | Mandates, payment status, settlement, receipts, refunds, chargeback support | Contract; legal obligation; legitimate interests |
| AI-assisted processing | Chat agent, document extraction, summaries, tool calls, structure generation | Contract; legitimate interests; consent where required |
| Analytics and product improvement | Aggregated usage metrics, agent interaction dashboards, reliability analysis | Legitimate interests |
| Security and abuse prevention | Rate limiting, fraud prevention, credential protection, audit logs, incident response | Legitimate interests; legal obligation |
| Communications | Account emails, service updates, security alerts, support, receipts | Contract; legitimate interests; consent where required |
| Compliance and legal claims | Tax, accounting, law-enforcement requests, sanctions, disputes, enforcement of terms | Legal obligation; legitimate interests |
We may create aggregated or de-identified information that does not identify a person and use it for analytics, product improvement, security, and business reporting.
5. AI Providers and Model Training
Depending on the configured LLM provider, AI processing inputs and outputs may be sent to OpenAI, Anthropic, or another provider we disclose before use. We use commercial/API offerings that state customer content is not used to train models by default unless the customer opts in or explicitly submits feedback for training.
LLM providers may retain API inputs, outputs, and metadata for limited periods for abuse monitoring, safety, reliability, or legal compliance under their own terms. Do not submit sensitive personal information, secrets, payment credentials, or regulated data to the chat agent unless you are authorised to do so and understand the processing involved.
6. How We Share Information
We do not sell personal information for money. We do not share personal information for cross-context behavioural advertising.
We may share information with:
- Service providers and subprocessors that host, process, secure, store, transmit, or analyse information for the Service;
- Operators whose businesses are involved in the relevant account, transaction, booking, buyer request, dispute, or receipt;
- Third-party AI agents, gateway clients, and MCP clients that access information Operators intentionally publish, such as catalogs, pricing, availability, eligibility rules, and action schemas;
- Payment providers and blockchain networks to process and verify payments, settlement, refunds, receipts, and chargebacks;
- Integration providers such as Google Calendar, iCal feeds, Custom APIs, and webhook receivers as needed to operate configured integrations;
- Legal, safety, and compliance recipients when required by law, court order, regulator request, or to protect rights, safety, security, and the integrity of the Service;
- Business transfer recipients in connection with a merger, acquisition, financing, reorganisation, or sale of assets;
- Other parties with consent or at your direction.
Public blockchain transactions are visible to anyone inspecting the relevant network.
7. Data Retention
We retain personal information only for as long as reasonably needed for the purposes described in this policy, unless a longer period is required or permitted by law.
Operator account data is retained while the account is active. If an account is deleted, the user account and organisation memberships are removed, subject to technical, legal, security, backup, audit, dispute, payment, tax, and fraud-prevention retention needs.
Organisation and business data is retained while the organisation remains active or until deleted by an authorised Operator, administrator, or support process, subject to retention needed for security, disputes, payments, backups, and legal obligations.
Integration and payment credentials are retained while the relevant integration or payment rail remains configured and are deleted or made inactive when disconnected, except where retention is needed for security, audit, dispute, or legal reasons.
Agent analytics are retained for up to 12 months unless longer retention is needed for security, fraud prevention, disputes, legal compliance, or aggregated/de-identified reporting.
Server logs and security logs are generally retained for up to 90 days unless longer retention is needed for security, debugging, fraud prevention, legal compliance, or incident response.
End-buyer receipt, booking, mandate, and transaction records are retained for the period required by applicable tax, accounting, payment, consumer-protection, chargeback, dispute, and fraud-prevention obligations.
Backups may retain copies for a limited period after deletion until overwritten or expired in the ordinary course.
Blockchain records are permanent and outside our control.
8. Data Security
We use technical and organisational safeguards designed to protect personal information, including:
- Encryption in transit using TLS/HTTPS;
- Encryption at rest for sensitive fields including payment credentials, integration credentials, end-buyer PII, and per-organisation secrets;
- AES-256-GCM with versioned master keys for per-organisation encryption where supported;
- Cryptographic password hashing;
- Short-lived JWT access tokens with refresh-token rotation;
- Organisation-level data isolation and cross-organisation access checks;
- Hashed agent API keys with rate limits;
- Rate limiting and abuse controls on authentication, payments, and agent endpoints;
- Credential redaction and secure handling practices for sensitive tool parameters.
No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
9. Automated Processing and Agentic Transactions
The Service evaluates transactions and availability using Operator-configured rules, pricing, constraints, external integrations, payment status, and agent-supplied parameters. These evaluations may approve, block, request more information, reserve capacity, or trigger payment and receipt workflows.
Operators configure the rules and remain responsible for their accuracy, fairness, legality, and suitability. Where automated processing has legal or similarly significant effects on an individual, the relevant Operator is responsible for ensuring an appropriate lawful basis, human review path, notice, and appeal or correction process where required by law.
10. Your Rights
Depending on where you live and how we process your information, you may have rights to access, correct, delete, restrict, object to, or receive a portable copy of your personal information. You may also have the right to withdraw consent where processing is based on consent.
EEA, UK, and similar jurisdictions. You may have GDPR or UK GDPR rights, including access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and the right to lodge a complaint with a supervisory authority.
California residents. Where the CCPA applies, you may have rights to know, access, delete, correct, opt out of sale or sharing, limit use and disclosure of sensitive personal information, use an authorised agent, and be free from discrimination for exercising rights. We do not sell personal information or share it for cross-context behavioural advertising.
End buyers. If your data reached Libramen through an Operator or third-party agent, contact founders@libramen.ai. We may route your request to the relevant Operator where we act as its processor or service provider, and we may need information to verify the transaction or your authority to make the request.
To exercise a right, contact founders@libramen.ai. We may need to verify your identity and may deny or limit requests where permitted by law, including where retention is needed for security, fraud prevention, legal compliance, disputes, payment records, tax, accounting, or blockchain immutability.
11. Cookies and Tracking
We use HTTP-only authentication cookies and related security cookies that are necessary for the authenticated Service. These cannot be disabled while using authenticated parts of the Service.
We use browser local storage for product functionality such as remembered organisation context, session restoration, UI preferences, graph layout preferences, and diagnostics that a user enables.
We do not use third-party advertising cookies or tracking pixels.
12. Children's Privacy
The Service is not directed to individuals under 16, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact founders@libramen.ai.
13. Subprocessors and Third-Party Services
We use the following third parties to operate the Service. The exact providers used may vary by environment, deployment, configured payment rail, configured LLM provider, and Operator-enabled integrations.
| Provider | Purpose | Legal links |
|---|---|---|
| Stripe, Inc. | Card and fiat payment processing; Agentic Commerce / Shared Payment Token acceptance | Stripe Privacy Policy - Stripe Services Agreement - Stripe DPA - Stripe Agentic Commerce documentation |
| Tempo Labs Technologies, Inc. | Stablecoin payment settlement on the Tempo blockchain | Tempo Privacy Policy - Tempo Terms of Use |
| OpenAI, L.L.C. | AI / LLM processing if OpenAI is the configured provider | OpenAI Privacy Policy - OpenAI Business Terms - OpenAI API data controls |
| Anthropic, PBC | AI / LLM processing if Anthropic is the configured provider | Anthropic Privacy Policy - Anthropic Commercial Terms - Anthropic Privacy Center |
| Resend (Plus Five Five, Inc.) | Transactional email delivery, receipts, security alerts, and notifications | Resend Privacy Policy - Resend Terms - Resend DPA |
| Google LLC | OAuth sign-in and optional Google Calendar integration | Google Privacy Policy - Google API Services User Data Policy |
| Neo4j, Inc. | Graph database hosting or database software where configured | Neo4j Privacy Policy - Neo4j Terms |
| Redis, Upstash, AWS ElastiCache, Redis Cloud, or similar cache provider | Session storage, rate limiting, or cache where configured | Provider terms depend on the deployment configuration |
| Public blockchain networks | On-chain settlement and transaction verification | On-chain records are public and outside our control |
Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements.
14. International Data Transfers
We may transfer and process personal information in countries other than the one in which you reside, including the United States. Where required by law, we use appropriate safeguards for international transfers, such as Standard Contractual Clauses or equivalent mechanisms.
15. Changes to This Policy
We will post updates to this policy with a revised "Effective Date." Material changes will be communicated to active Operators by email or in-product notice where reasonable. Continued use of the Service after changes take effect means the revised policy applies going forward.
16. Contact Us
Email: founders@libramen.ai
Address: Libramen, Inc., 1111B S Governors Ave # 49139, Dover, DE 19904, United States