Privacy
Receipts proves what an AI agent did without revealing what it did. The same principle governs how we handle data: we are designed not to see your work.
1. The short version
A receipt commits to your content through a one-way hash. The original content cannot be recovered from a receipt. In the product integration, your agent runs on your own infrastructure with your own keys, and only the receipt — never the content, your code, or your credentials — is ever sent to us.
2. What we collect
On the demo (this page). When you run the demo, the task you enter and the agent's answer are processed transiently to mint and verify a receipt, then returned to you. We do not store the task or the answer.
On the product (your own agent). The integration computes the receipt on your machine and sends us only the receipt: a content hash, a signature, a timestamp, and the model label. We never receive your prompts, outputs, files, source code, or API keys.
Site usage. Basic, aggregate website analytics (such as page views) to improve the product. No third-party advertising or tracking.
3. What a receipt contains — and does not
A receipt contains: a version, an identifier, a timestamp, a model label, a content hash (SHA-256 of the action), and an Ed25519 signature. It contains none of the action's content. The hash is one-way: it can confirm that a given piece of content matches the receipt, but it cannot be reversed to reveal that content.
4. What we do not do
We do not collect or store your content. We do not train any model on your data. We do not sell, rent, or trade your data. We do not share one customer's data with another. We do not run advertising or cross-context behavioral tracking.
5. How data is stored
Receipt metadata, where retained for an account, is stored with encryption at rest and TLS in transit, isolated per account. The public demo stores nothing.
6. AI inference
The demo on this page sends your task to a frontier model through OpenRouter, using our key, solely to produce the demo action; that content is not stored. When you integrate Receipts into your own agent, inference runs through your providers and your keys — outside our path entirely. We never see it.
7. Third-party processors
| Processor | Purpose | Data handled |
|---|---|---|
| Vercel | Hosting and CDN | Request logs, static assets |
| OpenRouter | Demo inference only | The demo task you submit (transient) |
| Supabase | Receipt metadata (accounts) | Receipt hashes and metadata — never content |
8. Data retention
The demo retains nothing. For accounts, receipt metadata is retained while the account is active and as needed to provide verification, then deleted within 30 days of a verified deletion request, except where retention is required by law.
9. Your rights
You may access, correct, or delete the data we hold about you. Email andy@crestsystems.ai. We respond within 30 days.
10. Children
Receipts is a developer tool and is not directed at children under 13. We do not knowingly collect data from children under 13.
11. Changes
We may update this policy. Changes are posted here with a revised effective date.
12. Governing law
This policy is governed by the laws of the State of New Jersey.
Questions? Email andy@crestsystems.ai. Crest Deployment Systems LLC. · Terms · Docs