Last updated: January 2026
Peta keeps secrets server-side and routes risky agent actions through human approvals. This policy explains what we collect, how we use it, and how we protect it.
Peta Core, Console, and Desk run on servers you deploy. Your MCP configurations, agent policies, approval flows, and runtime usage stay in your environment and are not transmitted to Peta without your explicit permission.
Secrets (passwords, credentials, API keys) are encrypted in your Vault-backed storage; Peta cannot decrypt or access them. The only data we retain centrally are the account and payment details you provide when purchasing a commercial license.
External credentials stay encrypted in Vault and are injected server-side at runtime. Agents and users receive short-lived tokens instead of raw API keys. Access, approvals, and decryptions are logged for audit.
We segregate environments and tenants, follow the principle of least privilege, and never sell your data.
We retain only the account and billing records you share for licensing, plus any support communications you choose to send. Your MCP audit logs stay in your environment; we do not collect them. You may request deletion of account data; some billing records may be retained where required for security or legal purposes.
Questions about this policy? Email privacy@peta.io.