๐Ÿ”’ We never sell or share your data

Privacy Policy

Last updated: April 29, 2026 ยท Applies to VIGIL and all COS TRINITY products

TL;DR: The Short Version
  • โœ“Agent event data lives on your device only. It never reaches our servers.
  • โœ“We collect only what's needed to run your account (email, hashed password).
  • โœ“We never sell or share data with third parties. Not now, not ever.
  • โœ“You own your event history, export it, delete it, or run VIGIL Desktop entirely offline.
  • โœ“This policy applies to every COS TRINITY product: VIGIL, AGNT, SNiPr, and all future products.

1. Who We Are

VIGIL is a product of COS TRINITY ("COSTRINITY"). We build developer tools for AI agent operators. Our registered contact is hello@costrinity.xyz.

2. What Data We Collect

Account data
Your email address and a hashed (bcrypt) password when you create an account. We never store plain-text passwords.
Billing data
If you upgrade to Pro, billing is handled by Stripe. We never see or store your card details.

3. What We Never Collect

Agent event data
The events your agents emit, actions, decisions, errors, costs, payloads, stay on your device. Browser-mode events live in your browser's IndexedDB; VIGIL Desktop events live in local SQLite on your machine. They never reach a COSTRINITY server, never enter a database we control, and we therefore cannot read, search, share, sell, or hand them over to anyone. This is enforced architecturally, not by policy promise.
Event counts / usage telemetry
We do not count or aggregate the events you emit. Plan limits (where applicable) are enforced client-side based on local state. We do not know how many events you've sent.
Private keys / seed phrases
Never. They never leave your machine because no event data leaves your machine, but if you log one to your local store, treat it as compromised and rotate it.
Third-party analytics
We do not pipe agent activity into Google Analytics, Mixpanel, Sentry, or any third-party service. Not now, not ever.
Behavioral profiling
We do not build profiles of your agents' behavior for advertising, training data, or resale.

4. How We Use Your Data

We use the data we DO collect (account email + billing relationship) exclusively to: (1) authenticate you to the dashboard, (2) bill the plan you signed up for, (3) reach you for security or material policy updates, and (4) respond to support requests you initiate. Nothing else. We do not have access to agent event data, see ยง3 above.

5. Data Storage & Security: Where Your Events Actually Live

Account credentials (email + bcrypt hash) live in a PostgreSQL database hosted on Vercel Postgres (Neon), encrypted at rest and in transit (TLS 1.3). Agent event data does NOT live there. Browser-mode events are written directly to IndexedDB inside your browser, isolated to the same-origin store at vigil.costrinity.xyz. VIGIL Desktop events are written to a local SQLite file in your OS user data directory. In both cases, you can export the full history as JSON or CSV from the dashboard, and you can wipe it with a single click. There is no copy on our servers to also delete.

6. Data Sharing

We do not sell, rent, lease, or share your data with any third party, ever. The one exception is Stripe (billing processor), which receives your email when you upgrade, subject to Stripe's own privacy policy. Your agent event data is structurally incapable of reaching Stripe (or anyone else): it lives on your device only. There is no server-side copy to share even if we wanted to.

7. Your Rights

Export
Download all your event data as JSON or CSV from the dashboard. Since events live on your device, this is a local read, instant, offline-capable, no server roundtrip.
Delete
Wipe individual agents, their events, or all local data from the dashboard. Deletion is permanent and immediate. There is no server-side copy to also remove because we never had one.
Correction
Update your account email from Dashboard โ†’ Settings.
GDPR / CCPA
If you are in the EU or California, you have the right to access, rectify, erase, and port your data. Most of those rights are already exercised locally (your browser/desktop holds the data). Contact hello@costrinity.xyz for anything else.

8. COS TRINITY, All Products

This policy applies to all current and future COS TRINITY products, including VIGIL (agent monitoring), AGNT (agent deployment), SNiPr (Solana trading agent), and any products we release in the future. The core principle is the same across all of them: your data is yours, and we never share it.

9. Changes to This Policy

If we make material changes to this policy, we will notify you by email (at the address on your account) at least 14 days before the change takes effect. The updated date at the top of this page always reflects the last change.

10. Contact

Questions, data requests, or concerns: hello@costrinity.xyz. We respond within 48 hours.

โ† Back to VIGILDocsDashboard