Privacy Policy
Last updated: January 31, 2026
The Short Version
Your rules stay on your device. Your audit logs stay on your device. We don't collect, store, or sell your data.
Agent Constitution is designed so that your behavioral rules and approval history never leave your device. The relay is an ephemeral pipe — it passes messages between your agent and your phone, then forgets them. Channel pairing state can optionally persist in Redis.
What Data the App Accesses
The Agent Constitution iOS app may access the following data on your device, only with your permission:
- Constitution rules — behavioral rules you define for your AI agents, stored locally on-device
- Audit trail — a log of every rule check, approval, and denial, stored in the iOS Keychain
- Push notification token — used to deliver approval request notifications to your device
- Face ID / Touch ID — used to authenticate when accessing sensitive stored data (e.g., vault items)
How Data is Stored
On Your Device (Local Only)
- Rules are stored locally on-device. They are sent to the relay only when an agent performs a constitution check, and only the relevant rule match is included in the response.
- Audit logs (timestamps, action descriptions, decisions, rule names) are stored in the iOS Keychain with
kSecAttrAccessibleWhenUnlockedThisDeviceOnly protection.
- Pairing credentials (relay URL, channel ID, auth token) are stored in the iOS Keychain.
On the Relay Server
- The relay server is a minimal HTTP queue. When deployed with Redis, channel state persists across restarts. Without Redis, it falls back to in-memory storage.
- Constitution check requests (action descriptions from your agent) expire after 30 minutes if not processed.
- Approval/denial responses expire after 60 seconds and are permanently deleted from memory.
- The relay has no database, no disk storage, no logs of message content.
- Message queues are ephemeral — constitution check requests and responses auto-expire after processing. Channel pairing state persists in Redis when configured.
On Third-Party Servers
- Apple Push Notification service (APNs) — we send push notifications through Apple's servers. Apple's privacy policy governs their handling of notification delivery metadata.
- No other third parties receive your data. We do not use analytics, advertising, tracking, or any third-party SDKs that collect user data.
What We Don't Do
- We don't collect personal information
- We don't store your rules or audit logs on any server
- We don't sell or share data with third parties
- We don't track you with analytics or advertising
- We don't create user accounts or profiles
- We don't log message content on the relay server
- We don't read your rules — they stay on your phone
Self-Hosted Relay
The relay server is open source. You can host your own instance, audit the code, and verify that nothing is stored. The source code is available at github.com/arunrlverma/relay4agents.
AI Rule Suggestions (Coming Soon)
A future version will include AI-powered rule suggestions from natural language descriptions. When available, processing will happen on-device — your descriptions will not be sent to external AI services.
Security
- All communication between the app and relay uses HTTPS/TLS
- Requests are signed with HMAC-SHA256 with replay protection (timestamps + nonces)
- Audit logs are stored in the iOS Keychain with hardware-backed encryption
- Push notification payloads are validated against strict format rules before processing
Children's Privacy
Agent Constitution is not directed at children under 13. We do not knowingly collect information from children.
Changes to This Policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the app after changes constitutes acceptance of the updated policy.
Contact
If you have questions about this privacy policy or the app, please contact:
Arun Verma
Email: contact@agentconstitution.com
GitHub: github.com/arunrlverma/relay4agents