Support|AGG Cloud

Privacy Policy

Last Updated: April 18, 2026
Effective Date: April 18, 2026

1. Introduction & "No Safe Harbor"

At AGG Labs, we build network infrastructure for engineers. We believe in strict data minimization and absolute transparency. This Privacy Policy outlines how we collect, process, and protect your data when you use the AGG Loop service, our dashboard, and our edge networking APIs.

AGG Loop is designed for legitimate enterprise and development tunneling. We are explicitly NOT a "bulletproof" proxy, nor a privacy-focused VPN intended to mask illegal activities. We actively monitor our network for abuse and maintain a strict "No Safe Harbor" policy for malicious actors.

2. How We Process Tunnel Traffic (L3/L4 vs. L7)

As a Zero Trust Network Access (ZTNA) and tunneling provider, our primary function is moving packets from the public internet to your local infrastructure. We maintain a strict boundary between routing metadata and payload data:

  • Routing Metadata (L3/L4): We process, aggressively monitor, and temporarily log IP addresses, port numbers, bandwidth usage, and connection timestamps. This is strictly necessary to route packets, mitigate DDoS attacks, enforce rate limits, and detect abuse patterns.
  • Payload Data (L7): We act as a "blind pipe". We do not log, inspect, or store the decrypted contents of your HTTP/HTTPS traffic (e.g., request bodies, response payloads, passwords) unless you explicitly enable application-level logging in your AGG Loop dashboard.

3. User Responsibility & Liability (Data Controller)

By establishing a tunnel, you expose local services to the internet. You are the sole Data Controller under GDPR, CCPA, and similar privacy frameworks for any data flowing through your tunnels. AGG Labs acts strictly as a Data Processor.

  • Misconfiguration: If you expose an unauthenticated database, internal API, or insecure application via AGG Loop, you assume 100% liability for any resulting data breaches.
  • Enabled L7 Logging: If you intentionally enable HTTP request/response logging in your AGG Loop dashboard for debugging, you acknowledge that you may be capturing Personally Identifiable Information (PII), credentials, or financial data belonging to your end-users. You bear the sole legal responsibility for ensuring you have the right to process and store this data on our platform.

4. Information We Collect

To provide and maintain the Service, we collect the following categories of information:

  • Account Information: Email address, authentication tokens, and billing details (handled by secure third-party processors).
  • Infrastructure Data: Public keys (SSH/TLS), certificate metadata, tunnel configurations, and custom domain names associated with your account. We never store your private keys unless they are generated and temporarily held for automated Let's Encrypt provisioning.
  • Beta Telemetry: Because AGG Loop is currently in Beta, we collect extensive diagnostic data, including daemon crash logs, latency metrics, and error rates (e.g., 502 Bad Gateway events) to improve kernel-level performance and stability.

5. Law Enforcement Cooperation & Third-Party Sharing

We are not a data broker. We do not sell your personal data or traffic telemetry to advertisers. We share information only in the following strictly controlled scenarios:

  • Infrastructure Providers: We use top-tier cloud providers (e.g., AWS, DigitalOcean, Cloudflare) to host our edge nodes. By using the service, you acknowledge that your network packets may cross international borders based on BGP routing optimization.
  • Law Enforcement & Abuse Mitigation: If your tunnel is flagged by our automated systems or third parties for violating our Acceptable Use Policy (e.g., malware hosting, phishing), we will immediately terminate your service. Furthermore, we will proactively cooperate with cybersecurity authorities, hosting providers, and law enforcement by sharing your account details, origin IP addresses, and routing telemetry without requiring a subpoena if we believe it is necessary to stop an active cyberattack or illegal operation.

6. Beta Security & Data Retention

All sensitive data at rest is encrypted using industry-standard AES-256. However, as AGG Loop is in a Beta phase involving low-level C networking daemons, you acknowledge the inherent risks of experimental software. We do not guarantee absolute data security against novel kernel exploits or zero-day vulnerabilities.

Traffic logs and routing telemetry are highly ephemeral. Standard access logs used for analytics are aggregated and raw data points are automatically purged after a short retention window, unless quarantined for an active abuse investigation. We reserve the right to permanently delete any configuration data or logs without notice or liability.

7. Your Privacy Rights (GDPR & CCPA)

Depending on your jurisdiction, you have the right to access, correct, export, or delete your personal data. You can completely destroy your account, active tunnels, and associated data directly from the AGG Loop dashboard. If you require a manual data export or have specific compliance requests, please contact our support team. Note that deleting your account is irreversible and immediately drops all routing capabilities.

8. Modifications to This Policy

We may update this Privacy Policy from time to time as our infrastructure evolves and regulatory requirements change. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Effective Date". Continued use of the AGG Loop service after changes are published constitutes your unconditional consent to the updated policy.

For privacy inquiries or data deletion requests, contact legal@agglabs.com