Privacy Policy

Applies to: agentcymarketing.co and any marketing subdomains
Last updated: May 16, 2026
Contact: [email protected]

This policy describes the information Agentcy collects when you visit our marketing website, how we use it, who we share it with, and the choices you have. It applies only to agentcymarketing.co. Data inside the Agentcy application at app.agentcymarketing.co is covered by the App Privacy Policy.


1. Who we are

Agentcy is a service of Agentcy, LLC, a company that builds an AI-powered marketing platform for businesses. We are the controller of the personal data described in this policy.

If you have any questions about this policy or how we handle your data, email [email protected].


2. What we collect

We try to collect as little as possible on the marketing site. There are three buckets.

2.1 Information you give us directly.

When you submit one of our forms (Day Zero waitlist, contact, demo request, etc.) we collect the fields on that form. Today those are:

  • Your name
  • Work email address
  • Business name
  • Business website (optional)
  • Industry (optional)
  • Any free-text you write in a message field

If you subscribe to a newsletter, we collect your email and the fact that you subscribed.

2.2 Information collected automatically.

When you load a page on agentcymarketing.co, our servers and analytics tooling record:

  • IP address and approximate city-level location derived from it
  • User-agent string (browser and operating system)
  • Referring URL (the page that linked you here)
  • Pages viewed, time on page, scroll depth
  • Click events on key calls-to-action

This is standard web analytics. We use it to understand which pages convert, which messages resonate, and to debug site issues.

2.3 Cookies and similar storage.

We use a small number of first-party cookies for:

  • Session continuity (e.g., remembering you’ve dismissed a banner)
  • Conversion attribution (linking a form fill back to the page that referred you)
  • Analytics

We do not use cross-site advertising trackers, fingerprinting, or session-replay tools. You can clear or block cookies in your browser at any time without losing the ability to use the site.

What we do not collect on the marketing site: government ID numbers, financial account numbers, health or biometric data, precise device location, social-security numbers, or special-category data under GDPR.


3. How we use the information

We use the data above for the following purposes:

  • Respond to you. When you submit a form, we use your contact details to follow up — answer questions, send a demo link, add you to an early-access list.
  • Send marketing emails you’ve opted into. Newsletters, product updates, occasional announcements. Every email has a one-click unsubscribe.
  • Improve the site. Aggregate analytics tells us which content works and where visitors get stuck.
  • Detect and prevent abuse. Bot traffic, scraping, fraudulent signups, attempted exploits.
  • Comply with law. Respond to subpoenas, court orders, or regulatory requests where legally required.

We do not sell your personal data. We do not rent it to third parties. We do not use it to train AI models.


4. Legal bases (for EU / UK visitors)

If you are in the EU, UK, or another jurisdiction where GDPR-style rules apply, we rely on these legal bases:

PurposeLegal basis
Responding to a form submissionPerformance of pre-contractual steps at your request (GDPR Art. 6(1)(b))
Sending marketing emailYour consent (GDPR Art. 6(1)(a)), withdrawable at any time
Site analyticsOur legitimate interest in understanding site performance (GDPR Art. 6(1)(f)), balanced against your privacy
Security and fraud preventionOur legitimate interest in protecting the service (GDPR Art. 6(1)(f))
Legal complianceCompliance with legal obligations (GDPR Art. 6(1)(c))

5. Who we share it with

We share marketing-site data only with the vendors required to run the site, and only to the extent they need it. Each is bound by a data-processing agreement.

VendorWhat they process
VercelSite hosting, edge logs
SupabaseForm submission storage
Resend (or successor email vendor)Marketing and transactional email sends
Our analytics providerPage analytics
ClerkAuthentication where applicable

We will disclose data outside this list only if (a) you direct us to, (b) it is necessary to comply with a valid legal demand, or (c) we are involved in a merger, acquisition, or asset sale — in which case we will require the successor to honor this policy.


6. Cookies in detail

Cookie categoryPurposeRequired?
Strictly necessarySession, security, load balancingYes — cannot be disabled
FunctionalRemembering preferences and dismissed bannersNo
AnalyticsAggregate page and event analyticsNo

If you are in a jurisdiction that requires opt-in consent for non-essential cookies, we will request that consent via a banner before any non-essential cookies are set.

You can manage cookies from your browser at any time. Doing so will not affect your ability to read the site, though some preferences may not be remembered between visits.


7. Retention

We hold marketing-site data only as long as needed. Defaults:

  • Form submissions: 24 months from last contact, then deleted or anonymized.
  • Newsletter subscriptions: Until you unsubscribe, plus 30 days on a suppression list.
  • Server access logs: 30 days.
  • Analytics events: 14 months.

8. Your rights

Depending on where you live, you may have any or all of these rights over your personal data:

  • Access — get a copy of what we hold about you.
  • Correction — fix anything inaccurate.
  • Deletion — ask us to delete it (see the Data Deletion Policy).
  • Portability — receive your data in a structured, machine-readable format.
  • Object — to processing based on our legitimate interest.
  • Restrict — limit how we process your data.
  • Withdraw consent — at any time, for processing based on consent.
  • Lodge a complaint — with your local data-protection authority.

To exercise any of these, email [email protected] with a description of your request. We respond within 30 days, or sooner if your jurisdiction requires it. We will not charge you for a reasonable request.

California residents (CCPA / CPRA): you have the right to know what categories of personal information we collect, to delete it, to correct it, to opt out of any “sale” or “sharing” (we do not sell or share for cross-context advertising), and to non-discrimination for exercising these rights. Authorized agents may make requests on your behalf with verifiable proof of authority.


9. International data transfers

Agentcy is based in the United States and our infrastructure runs primarily in the US. If you submit data from outside the US, you are transferring it to the US for processing. Where required, we rely on the European Commission’s Standard Contractual Clauses (or equivalent UK/Swiss mechanisms) with our subprocessors to provide an adequate level of protection.


10. Children

The marketing site is not directed at children under 16, and we do not knowingly collect data from them. If you believe a child has submitted personal data through the site, email [email protected] and we will delete it.


11. Security

We use industry-standard safeguards to protect marketing-site data:

  • TLS 1.2+ on all connections
  • Encrypted storage of form submissions and email addresses
  • Role-based access controls on our internal tooling
  • Rate limiting and bot protection on forms

No system is perfectly secure. If we ever experience a breach affecting your personal data, we will notify you in accordance with applicable law.


12. Do Not Track and global privacy signals

We honor the Global Privacy Control (GPC) signal. If your browser sends GPC, we treat it as an opt-out of analytics tracking and any future “sale” or “share” as those terms are defined under US state laws.


13. Changes to this policy

We will update the “Last updated” date when this policy materially changes. For significant changes, we will give notice on the site or by email where we have your address. The current version is always at agentcymarketing.co/privacy-policy.


14. Contact

Agentcy, LLC [email protected]

For data-deletion requests specifically, see the Marketing Website Data Deletion Policy.

This document is operational policy, not legal advice. It should be reviewed by your counsel before publication.