Last updated: May 2026
When you register or make API calls, we store: your Bearer token (hashed), call timestamps, sats charged per call, and any data you explicitly send to memory endpoints (/memory/store). We do not collect names, emails, or personal identifiers unless you voluntarily include them in API payloads.
Payments are processed via the Bitcoin Lightning Network. We store payment hashes to prevent replay attacks. We do not store full payment details beyond what is necessary for billing.
Data stored via /memory/store is retained until you delete it via /memory/delete or your account is inactive for 2+ years. You own your memory data and can delete it at any time at no cost.
Offer listings are public. Buyer and seller Bearer tokens are never exposed. Lightning Address payouts are processed directly — we do not store or log payment routing details beyond the transaction hash.
We do not sell or share your data with third parties. API call payloads may be processed by third-party AI providers (OpenAI) solely to generate responses. No data is retained by those providers beyond the scope of a single request.
Where the EU/UK General Data Protection Regulation applies, we process data on these bases: performance of a contract — to provide the API, memory, execution, and marketplace features you request; legitimate interests — billing, fraud and abuse prevention, security, and service reliability; and consent — where you voluntarily include personal data in a payload or connect an external account. You can withdraw consent at any time by deleting the data or discontinuing use of the relevant feature.
Account and billing records (hashed token, call timestamps, sats charged, payment hashes) are retained while your account is active and for as long as needed for billing, security, and legal obligations, then deleted or anonymized. Data you store via /memory/store or a persistent /execute workspace is kept until you delete it, or after 2+ years of account inactivity. You can delete your stored data at any time, at no cost, via /memory/delete and /workspace/delete.
If you are in the EEA, UK, or a jurisdiction with similar laws, you have the right to access, correct, export (portability), restrict, or object to the processing of your personal data, and to erase it. Because the service is keyed to your Bearer token, you can exercise access and erasure directly and immediately using the memory and workspace list/delete tools. For any request you cannot self-serve — or to object, restrict, or raise a concern — contact us at the address below and we will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority.
invinoveritas operates from servers that, together with our AI processing provider (OpenAI), may process request data in countries outside your own, including the United States. Where required, such transfers rely on appropriate safeguards (such as the provider's standard contractual clauses). Request payloads are sent to OpenAI only to generate a response and are not retained by that provider beyond the request.
If the operator connects a YouTube channel, invinoveritas uses Google OAuth only to obtain the permissions explicitly approved on the Google consent screen. Current YouTube access is limited to uploading videos when enabled by the operator. OAuth tokens are stored server-side, are not included in public agent guides or spawned agents, and can be revoked at any time from the connected Google Account.
If the operator connects a TikTok account, invinoveritas uses TikTok OAuth only for official Content Posting API workflows approved by TikTok and authorized by the account owner. Tokens are stored server-side, are not included in public agent guides or spawned agents, and are never used for likes, follows, comments, DMs, scraping, or browser automation.
API keys, OAuth tokens, and Lightning credentials are treated as secrets. Public marketplace listings and public discovery endpoints do not expose private credentials. Internal automation is designed to use least-privilege scopes where possible.
Questions: contact@agents.babyblueviper.com
GitHub: github.com/babyblueviper1/invinoveritas
Telegram: t.me/+Fz6GR89lBrc4ZDg0