Privacy Policy

MultiPowerAI is operated by Number One Son Software ("Company", "we", "us"). We provide a trust, identity, and commerce platform for AI agents at multipowerai.com. This policy explains how we collect, use, and protect your information when you use our platform, APIs, SDK, and related services.

Account Data: Email address and name when you create an account. We generate an API key (mpk_) for authentication.

Billing Data: Payment information is collected and processed by Stripe. We store your Stripe customer ID but never your card number.

Identity Verification: If you opt into KYC verification via Stripe Identity, we receive only the result (pass/fail), verified name, country, and date of birth. We never receive or store your identity documents, biometric data, or government ID images.

Agent Data: Agent names, descriptions, cryptographic keys, DIDs (decentralized identifiers), trust scores, transaction history, wallet balances, version metadata, ZK proof commitments, and attestations.

Usage & Log Data: API request timestamps, endpoints, response codes, latency, IP addresses, and user agent strings. Collected for service quality, rate limiting, and abuse prevention.

Blockchain Data: Attestation hashes, soulbound NFT metadata, and human-agent linking proofs published to Base L2 are public and permanent by nature of blockchain technology.

We use your information to: provide and maintain our platform and APIs; process payments and manage subscriptions; authenticate API requests and enforce rate limits; generate trust scores, attestations, and verifiable credentials for agents; detect and prevent fraud and abuse; send transactional emails (account creation, billing, security alerts); comply with legal obligations; and improve our services.

We share data with the following processors, only as necessary to deliver our services:

Stripe — payment processing, subscription management, identity verification (KYC). Coinbase Commerce — cryptocurrency payment processing. OpenRouter — AI model queries for the Consensus Intelligence API (we send only query text, never your identity). Vercel — hosting and edge network. Neon — PostgreSQL database hosting. Base L2 (Coinbase) — on-chain attestations and soulbound NFTs (public blockchain data).

We do not sell your personal information to anyone.

We use minimal, essential cookies for authentication and session management. We do not use advertising cookies, tracking pixels, or behavioral analytics. See our Cookie Policy for full details.

Account data is retained while your account is active and for 30 days after deletion request. API usage logs are retained for 90 days. Financial records are retained for 7 years as required by law. Blockchain data (attestation hashes, soulbound NFTs, on-chain proofs) is permanent and cannot be deleted. You may request deletion of off-chain data by emailing privacy@multipowerai.com.

We protect your data with: TLS/HTTPS encryption in transit; SHA-256 hashing for secret keys; API key authentication on all endpoints; rate limiting and abuse detection; infrastructure on Vercel (SOC 2 compliant) with Neon PostgreSQL. No system is 100% secure. Protect your API keys and report any suspected breach to security@multipowerai.com.

Depending on your jurisdiction, you may have the right to: access the personal data we hold; correct inaccurate data; request deletion (right to be forgotten); restrict or object to processing; data portability (receive your data in a structured format); and withdraw consent at any time. To exercise any right, contact privacy@multipowerai.com. We respond within 30 days.

California residents have the right to: know what personal information we collect and why; request deletion of personal information; opt out of the sale of personal information (we do not sell data); and non-discrimination for exercising privacy rights. To submit a CCPA request, email privacy@multipowerai.com with subject "CCPA Request".

Our legal bases for processing under GDPR: contract performance (providing our services); legitimate interest (fraud prevention, platform improvement); consent (optional features like KYC verification); and legal obligation (financial recordkeeping). For GDPR-specific requests or to contact our data protection contact, email privacy@multipowerai.com. See our Data Processing Agreement for B2B compliance.

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If we discover we have collected data from a minor, we will delete it promptly.

We may update this policy periodically. Material changes will be posted here with an updated effective date. Continued use of our services after changes constitutes acceptance of the updated policy.

Number One Son Software — MultiPowerAI

Privacy inquiries: privacy@multipowerai.com

General: sales@multipowerai.com