FeaturesHow it worksOperationsPricing
Privacy

AgenticSP Privacy Policy

Last updated: May 14, 2026

Information We Collect

We collect information needed to operate AgenticSP and provide lead intake, estimation, billing, email automation, and support workflows.

Account and company information

We collect account and company profile information such as user email addresses, names if provided, company name, company website, logo, business description, business address fields, account roles, permissions, authentication metadata, and onboarding acceptance records for legal agreements.

Lead, estimation, and moving workflow information

Customers and authorized users may submit or generate moving lead and estimation data, including customer names, customer email addresses, customer phone numbers, move dates, pickup and destination cities, move size, pricing rules, base points, move-size weights, surcharges, fixed fees, charges, estimation totals, workflow configurations, email templates, template assets, attachments, support tickets, feedback, and related operational records.

Connected email and lead-source information

When a company connects a Google Gmail or Microsoft email account through AgenticSP's email connection flow, AgenticSP uses Nylas as an email API provider to help read relevant incoming email messages and send outbound quote or follow-up emails from the connected mailbox.

AgenticSP's connected email flow uses read-only and sending permissions through Nylas, including email.read_only and email.send style functionality. Email-related information may include connected email address, provider, Nylas grant identifiers, message IDs, thread IDs, subjects, sender and recipient email addresses, sender names, timestamps, snippets, message bodies, message metadata, saved lead-source labels, lead-source sender addresses, source message samples, inbound webhook events, generated outbound email content, scheduled-send records, delivery status, bounce status, unsubscribe status, open/click/reply tracking events where enabled, and processing errors.

Lead-source confidentiality information

AgenticSP treats lead-source information as company-confidential business information. This includes lead source identities, source sender addresses, saved source messages, source labels, source snippets, full saved source email bodies, extracted lead-source patterns, and knowledge about where a moving company receives leads.

Lead-source information is scoped to the company account that saved or connected it. We do not sell lead-source information. We do not share one moving company's lead-source information with another moving company. We do not use one company's lead-source knowledge to configure, train, improve, or advantage a competitor's account.

Billing and subscription information

We use Stripe for subscription billing, checkout, customer portal access, products, prices, invoices, payments, add-on credit purchases, and subscription status. AgenticSP stores Stripe customer IDs, subscription IDs, product and price metadata, checkout-session records, subscription status, billing-related feedback, and limited payment method metadata such as card brand and last four digits if made available by Stripe.

AgenticSP does not intentionally store full credit card numbers. Payment card details are processed by Stripe under Stripe's policies and terms.

AI-assisted processing information

AgenticSP uses AI features to extract moving lead details from emails, help configure pricing agents, assist with support and error resolution, generate or edit email template designs, and generate template images when requested. Inputs may include email bodies, snippets, lead details, pricing configuration, template content, user prompts, and relevant workflow context. Outputs may include extracted lead data, suggested configuration, template edits, support guidance, and generated image metadata.

Usage, device, and observability information

We collect technical and usage information such as log events, API requests, IP-derived request metadata, browser and device information, authentication events, feature usage, errors, performance traces, AI workflow metadata, token/cost metadata, and analytics events. We use tools such as Sentry and PostHog to monitor reliability, diagnose errors, understand product usage, and improve the Service.

Support and administrative information

If you contact us, submit feedback, create support tickets, or interact with an administrator, we collect the contents of those communications and related metadata. AgenticSP administrators may access customer records only as needed for support, security, billing, abuse prevention, compliance, or Service operations.

How We Use Information

We use information to:

  • Provide, maintain, secure, and improve AgenticSP.
  • Authenticate users and enforce company-level access controls.
  • Create and manage companies, users, agents, lead sources, leads, estimations, workflows, templates, and support tickets.
  • Connect authorized Google or Microsoft mailboxes and process email-based lead workflows.
  • Identify incoming messages from saved lead sources.
  • Extract moving lead details from email content.
  • Calculate moving estimations and generate charge breakdowns.
  • Schedule and send quote, follow-up, and workflow emails.
  • Track delivery, bounce, unsubscribe, open, click, and reply events where enabled.
  • Provide billing, checkout, subscription, and add-on credit functionality through Stripe.
  • Detect duplicate webhooks, prevent retry loops, handle failures, and support manual review.
  • Provide support, investigate errors, prevent abuse, and comply with legal obligations.
  • Analyze aggregate product usage and reliability.

We do not sell personal information, customer lead data, connected mailbox data, or lead-source information.

Google and Microsoft Email Data

AgenticSP requests access to connected email accounts only when an authorized user chooses to connect an inbox for email automation. AgenticSP currently uses Nylas to connect Google and Microsoft accounts and to provide the email functionality visible in the AgenticSP interface.

What email permissions are used for

AgenticSP uses connected mailbox permissions to:

  • Browse message summaries so authorized users can choose and save lead sources.
  • Read selected or relevant incoming messages from saved lead sources.
  • Receive message-created webhook events for connected inboxes.
  • Extract lead information from inbound moving inquiry emails.
  • Create lead and estimation records for the connected company.
  • Send quote and follow-up emails from the connected account.
  • Schedule outbound emails where configured.
  • Detect replies, bounces, opens, clicks, unsubscribes, and delivery outcomes where tracking is enabled.
  • Display connection status and allow users to disconnect the mailbox.

AgenticSP does not use connected email access to read unrelated email for advertising, market research, resale, competitor intelligence, or any purpose outside the visible AgenticSP lead automation and email workflow features.

Google API Limited Use

AgenticSP's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

For Google user data obtained through Google OAuth or Google Workspace APIs:

  • We use the data only to provide or improve user-facing AgenticSP features that are visible in the application, such as lead-source selection, lead extraction, estimation automation, outbound quote emails, scheduling, and reply/delivery tracking.
  • We do not sell Google user data.
  • We do not use Google user data for advertising or retargeting.
  • We do not use Google user data to build, train, or improve generalized, foundation, or frontier AI or machine learning models.
  • We do not allow humans to read Google user data except where the customer has given explicit permission for support, where access is necessary for security or abuse investigation, where required by law, or where necessary for internal operations and the data has been aggregated and handled according to applicable privacy requirements.
  • We transfer Google user data only as necessary to provide the Service with subprocessors, for security purposes, to comply with law, or with the user's consent.

Microsoft email data

For Microsoft-connected mailboxes, AgenticSP applies the same purpose limitation: Microsoft mailbox data is used only to provide connected email, lead-source, lead extraction, estimation, outbound email, scheduling, tracking, support, security, and compliance features requested by the customer. We do not sell Microsoft mailbox data or share one customer's mailbox or lead-source information with another customer.

Revoking mailbox access

Authorized users can disconnect an email account in AgenticSP. AgenticSP will attempt to revoke the related Nylas grant and remove active connection details from the agent. Users may also revoke AgenticSP or Nylas access directly through their Google or Microsoft account security settings. Disconnecting a mailbox may pause or disable email-based automation for the affected agent or company workflow.

How We Share Information

We share information only as needed to operate AgenticSP, comply with law, protect the Service, or complete customer-directed actions.

Service providers and subprocessors

We use service providers that may process information on our behalf, including:

  • Supabase and PostgreSQL infrastructure for authentication, database, storage, and related backend services.
  • Nylas for Google and Microsoft mailbox connection, email API access, sending, scheduling, webhooks, and tracking-related events.
  • OpenAI and OpenRouter-supported model providers for AI-assisted extraction, chat, template design, and image-related features.
  • Stripe for checkout, billing, subscription, invoice, payment, tax, fraud-prevention, and customer portal workflows.
  • Google Maps and related Google APIs for maps, geocoding, route/distance calculation, and location-based pricing support.
  • Redis/BullMQ infrastructure for queueing, deduplication, scheduling, and email workflow reliability.
  • Sentry for error monitoring, tracing, and reliability observability.
  • PostHog for product analytics where enabled.
  • Hosting, security, logging, and infrastructure providers used to run the Service.

These providers may process data only as needed to provide their services to us, subject to their own terms, privacy policies, and data processing commitments.

Legal, safety, and business transfers

We may disclose information if we believe it is necessary to comply with law, legal process, or government requests; enforce our Terms of Service; protect rights, property, safety, security, or integrity; investigate fraud, abuse, or security incidents; or as part of a merger, acquisition, financing, reorganization, or sale of assets, subject to applicable notice or consent requirements.

Customer-directed sharing

When an authorized user sends an email, creates a quote, connects a mailbox, contacts support, or otherwise directs AgenticSP to act, we share the information necessary to complete that action.

Data Storage, Security, and Access Controls

We use administrative, technical, and organizational safeguards designed to protect information from unauthorized access, loss, misuse, alteration, or disclosure. These safeguards include authentication, company-scoped authorization, role and scope checks for administrative access, database access controls, row-level security patterns, encrypted transport, provider-supported encryption at rest, webhook signature verification, API key controls, logging, monitoring, deduplication, and operational review of failures.

No system is perfectly secure. Customers are responsible for protecting their account credentials, managing authorized users, connecting only mailboxes they are allowed to use, and configuring lead sources, workflows, templates, and outbound messages responsibly.

Company-Level Data Isolation

AgenticSP is designed as a multi-company SaaS platform. Company users can access their own company's records, such as leads, estimations, agents, pricing configuration, templates, connected email metadata, and lead sources. AgenticSP uses company identifiers, authenticated user context, protected API procedures, role/scope checks, and database policies to restrict access.

AgenticSP support or administrative personnel may access customer data only for support, operations, billing, security, compliance, or troubleshooting purposes. They may not use one customer's confidential lead-source knowledge for another customer.

AI and Model Training

AgenticSP may send customer-provided content to AI service providers to provide requested features. This may include email text for lead extraction, prompts and configuration context for agent setup, template content for design assistance, and image prompts for generated assets.

AgenticSP does not use customer lead data, connected mailbox data, Google user data, Microsoft mailbox data, or lead-source information to train generalized or foundation AI models. We do not knowingly opt in to third-party AI provider training on customer content unless a customer gives explicit permission or the feature clearly requires and discloses a different practice.

AI outputs may be inaccurate or incomplete. Customers are responsible for reviewing AI-generated lead details, estimations, email content, and recommendations before relying on them.

Cookies and Similar Technologies

AgenticSP may use cookies, local storage, and similar technologies for authentication, session management, preferences, security, analytics, and application functionality. Browser settings may allow users to block or delete cookies, but some Service features may not function without them.

Data Retention and Deletion

We retain information for as long as needed to provide the Service, operate customer workflows, comply with legal and billing obligations, resolve disputes, enforce agreements, maintain security, and support business operations.

After account termination or a verified deletion request, AgenticSP targets deletion or de-identification of account and customer data within 90 days, except where retention is required or permitted for legal, billing, tax, backup, audit, dispute, fraud-prevention, abuse-prevention, security, or legitimate business continuity purposes.

Backups and logs may persist for a limited period before deletion or rotation. Some records, such as billing, transaction, security, and legal records, may be retained longer where required or appropriate.

Users can disconnect connected email accounts in AgenticSP or revoke access through Google, Microsoft, or Nylas-related account controls. Deleting a lead source, lead, template, agent, or other object may remove or cascade-delete related records according to the Service's data model, except for records retained for the reasons above.

Customer Responsibilities

Customers are responsible for:

  • Providing appropriate notices to their own leads, customers, and email recipients.
  • Ensuring they have authority to upload, connect, process, and send information through AgenticSP.
  • Complying with applicable email, marketing, privacy, consumer protection, and anti-spam laws.
  • Honoring unsubscribe and opt-out requests.
  • Reviewing estimates, pricing rules, templates, AI outputs, and outbound email workflows.
  • Managing authorized users and connected email accounts.

Privacy Rights

Depending on where you are located, you may have rights to access, correct, delete, export, object to, or restrict certain processing of personal information. To exercise privacy rights, contact support@agenticsp.ai.

We may need to verify your identity and authority before completing a request. If you are an end customer or lead of a moving company that uses AgenticSP, we may direct you to that moving company because AgenticSP processes much of that information on behalf of its business customer.

International Processing

AgenticSP is intended for customers in the United States and Canada. Information may be processed in the United States, Canada, and other locations where our service providers operate. By using the Service, customers understand that information may be transferred to and processed in those locations.

Children's Privacy

AgenticSP is a business service and is not intended for children under 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice through the Service, by email, or by another reasonable method. The updated policy will be effective when posted unless a later effective date is stated.

Contact

Privacy and support requests: support@agenticsp.ai

General inquiries: info@agenticsp.ai

Website: https://agenticsp.ai

Platform: https://app.agenticsp.ai