Privacy

Vouch Protocol™ is an open-source specification and reference implementation. The software is Apache 2.0; the protocol is W3C-track. When you visit vouch-protocol.com, you're looking at our marketing and documentation surface plus an AI assistant. Three surfaces collect data:

• The website itself (static pages): no analytics, no cookies, no tracking pixels.
• The Vouch Assistant chat (the panel at /ask and the floating widget): logs as described below.
• The email assistant (replies to ask@vouch-protocol.com): processes your message via Gemini and replies via Resend.

Every conversation with the chat assistant is logged. Each row contains:

• Your question text and the assistant's reply text
• A timestamp (UTC, second precision)
• The retrieval sources we used to answer
• Your IP address, truncated to /24 (IPv4) or /48 (IPv6), so we keep coarse geography but lose the last octet that identifies an individual subscriber
• A two-letter country code (we get this from our upstream proxy)
• Your browser's User-Agent string, truncated to 240 characters
• Your feedback rating (▲ / ▼) and optional comment, if you provide one

We do not log: cookies, session tokens, authentication bearers, account identifiers, full IP addresses, fingerprints derived from beyond the listed fields, or anything we don't list above.

The single purpose is quality improvement — finding questions we answer poorly, mis-cited sources, prompts that confuse the assistant. The IP-truncation + country code lets us tell roughly where confusion originates (a regulated industry in country X, a developer community in country Y) without identifying individuals. We do not sell this data, share it with third parties, or use it for advertising. We do not have ads.

Email replies to ask@vouch-protocol.com go through Cloudflare Email Routing → a Cloudflare Worker → Gemini → Resend. The Worker keeps minimal logs: the inbound address, the response code from Gemini and Resend, the timestamp. The full email body is not persisted by us; it's passed in-memory to Gemini for response generation and to Resend for delivery, both of which apply their own retention policies.

A copy of every inbound email is forwarded to ram@vouch-protocol.com for the maintainer's visibility — this is so we can spot misclassified questions and improve.

• Google (Gemini API) — processes your question to generate a reply. Subject to Gemini API terms. We use the free tier; queries may be used by Google to improve their models per Google's policy.
• Cloudflare — routes traffic, runs the email worker, terminates TLS. Standard Cloudflare data-handling.
• Fly.io — hosts the chat assistant backend in Mumbai. Standard Fly data-handling.
• Resend — sends email replies. Subject to Resend privacy policy.
• GitHub Pages — serves the static parts of this website.

• Chat interaction logs: indefinitely while we are actively maintaining the assistant; we will purge logs older than 24 months on a rolling basis once the protocol stabilises
• Email worker logs: 30 days, then Cloudflare expires them
• Vouch credentials we publish at vch.sh/<id>: as long as you (the creator) request, up to the free-tier expiry (1 year) or indefinitely for Pro-tier credentials

You can:

• Request your data: email privacy@vouch-protocol.com. We can't look up a specific person without an identifier you provide, but if you tell us a session ID, IP prefix, or approximate timestamp, we can return what's in our logs.
• Request deletion: same address. We delete on next request and confirm.
• Skip the chat: every page on this site reads fine without it. The chat is optional.
• Verify our claims: the source code is at github.com/vouch-protocol/vouch. The logging logic is in website-agent/backend/vouch_agent/interactions.py and is open for inspection.

Vouch Protocol is a technical specification for developers and AI agent operators. We do not target the service at children under 16 and do not knowingly collect data from them. If you believe a child has used the service, email privacy@vouch-protocol.com and we will delete their logs.

The maintainer is based in India. Data is processed in: Mumbai (Fly.io), Cloudflare's global network (Workers, KV), the EU/US (Resend), and Google's US infrastructure (Gemini). If you're in the EU, the GDPR rights summarised above apply; see also our GDPR mapping for how the protocol layer addresses specific articles.

We'll update this page when our practices change. For material changes, we'll also publish a note in the blog and (if you've given us your email) drop you a line. Last substantive update: 2026-05-22.