Privacy Policy — Agents At Work

Agents At Work is a product of AnswerSolutions LLC (www.answersolutions.net). This policy explains what data we collect, why we collect it, and how we protect it. We have tried to keep it short and readable — if anything is unclear, email us at privacy@answersolutions.net.

1. What is Agents At Work?

Agents At Work is a mobile + desktop system that lets you monitor and control AI coding agents — Claude Code (Anthropic), Codex (OpenAI), and Gemini CLI (Google) — running on your Mac from your iPhone or Android phone. The Mac companion app captures agent events and routes them to your mobile device via Firebase (Google Cloud). The mobile app displays those events and lets you respond to permission prompts.

2. Data we collect

2a. Account data

Your account is created in the macOS companion app using Firebase Authentication. We store your email address and an anonymous user ID (UID). If you sign in with Google, we receive your Google account email and display name. We do not store passwords — authentication is handled entirely by Firebase.

The mobile app (iPhone and Android) does not have its own sign-in screen and does not create a separate account. Instead, it authenticates silently by scanning a QR code shown in the Mac companion app, which grants it a short-lived token to authenticate as your Mac account's UID. No additional personal data is collected during this process.

2b. Agent session data

While an agent runs on your Mac, the companion app writes the following to our Firebase Firestore database, under your user ID:

Computer identifier (a name you choose) and macOS version
Session status (running / stopped) and active agent name
The conversation with the agent — your prompts and the agent's responses, including tool-call summaries such as "Wrote UserService.kt" or "Run: npm run build"
Permission prompts and your answers (Yes / No / custom text)
Messages you send to the agent from the mobile app
Usage statistics reported by the agent (token counts, model name)

End-to-end encryption. Conversation content — prompts, agent responses, tool-call summaries, and project paths — is encrypted with AES-256-GCM on your Mac before it is written to Firestore. The encryption key is derived from a one-time QR scan between your Mac and your phone and is stored only on your devices. Firebase and AnswerSolutions never hold the key and cannot read your conversation data in plaintext.

Conversation data is session-scoped. When you start a new agent session, the previous session's conversation — prompts, responses, and tool-call history — is automatically cleared from the database. Only the most recent session's conversation is stored at any time. Computer registration, session status, and usage statistics persist across sessions until you delete the computer or your account.

Agent session data is isolated under your UID — other users cannot access it. The data passes through Google's Firebase infrastructure in encrypted form.

2c. Push notification tokens

The mobile app registers a Firebase Cloud Messaging (FCM) token with our Firestore database so that permission prompts can be delivered as push notifications. These tokens are tied to your UID. We use them only to deliver notifications; we never sell or share them.

2d. Subscription and billing data

Agents At Work offers paid subscriptions (Personal and Pro) purchased through the Apple App Store (iOS) or Google Play (Android). We do not handle payment card numbers or billing details directly — those are managed entirely by Apple or Google under their respective privacy policies.

When a purchase is verified, we store the following in Firestore under your UID:

Subscription tier (Personal or Pro) and billing period (weekly / monthly / yearly)
Subscription status (active, expired, or blocked) and expiry date
A reference transaction identifier used to validate renewals (no payment card data)

This data is used solely to enforce subscription entitlements (for example, the number of Macs you can connect). We do not sell or share subscription metadata with third parties.

2e. Website early-access form

If you submit the early-access form on this website, we store your email address, optional name, and optional message in a separate Firestore collection (early_access). This collection is write-only from the website — the website cannot read, update, or delete records. We use this data only to contact you about early access; we do not share it with third parties.

3. Data we do NOT collect

The actual contents of files the agent reads or writes (only file paths and tool-call summaries are stored)
Keystrokes, clipboard contents, or screenshots
Location data
Analytics or advertising identifiers
Any data from third-party services beyond Firebase

4. How we use your data

To provide the service — routing agent events from your Mac to your phone in real time.
To send push notifications — delivering permission prompts and status updates to your device.
To manage your account — authenticating you and associating your computers and sessions with your UID.
To contact early-access applicants — if you submitted the website form.

We do not sell your data. We do not use it for advertising.

5. Data sharing

We share data only with:

Google Firebase — Authentication, Firestore, Cloud Messaging, and Cloud Functions. Google processes this data as a subprocessor under their standard terms. See firebase.google.com/support/privacy.

We do not share your data with any other third party unless required by law.

6. Data retention

Conversation data (prompts and responses) — automatically deleted from the database each time you start a new agent session. Only the current session's conversation is ever stored.
Other session data (computer registration, session status, usage statistics) — retained until you delete the computer from the app, or until you delete your account.
Subscription data — retained for the lifetime of your account to support renewal verification and entitlement checks.
Account data — retained until you delete your account. Account deletion is performed from the macOS companion app (Sign Out / Uninstall menu). Deletion removes your Firebase Auth account, all Firestore data, and push notification tokens. Alternatively, email privacy@answersolutions.net and we will process your request within 30 days. To unlink only the mobile app without deleting your account, use Settings → Unlink this Phone in the mobile app.
Early-access form submissions — retained until you ask us to remove your entry (email us with the address you submitted).

7. Security

All data is transmitted over HTTPS/TLS. Firestore security rules enforce that each user can only read and write their own data.

End-to-end encryption: conversation content (prompts, responses, tool-call summaries, project paths) is encrypted with AES-256-GCM on your Mac before transmission. The encryption key is generated from a QR scan between your devices and is never sent to our servers. Firebase receives and stores only ciphertext.

The early-access collection is append-only from the website — it cannot be read or modified via the public API. Payment card details are never transmitted to or stored by us; all billing is processed by Apple or Google. We store only subscription status and tier information.

8. Children

Agents At Work is a developer tool intended for users 13 years of age or older. We do not knowingly collect data from children under 13. If you believe a child has submitted personal information to us, please contact us and we will delete it promptly.

9. Your rights

Depending on your location, you may have the right to access, correct, or delete the personal data we hold about you. To exercise any of these rights, email privacy@answersolutions.net. We will respond within 30 days.

10. Changes to this policy

We may update this policy as the product evolves. If we make material changes, we will update the effective date at the top of this page. We encourage you to review it periodically.

11. Contact

AnswerSolutions LLC
www.answersolutions.net
privacy@answersolutions.net