Hangar
Deploy an agent

Legal

Privacy.

We collect what we need to run Hangar, nothing more. Here’s exactly what.

Last updated: 2026-05-09 · hangar.so/legal/privacy

What we collect

  • Account info. Email, hashed password, organization name. That’s the entire signup form.
  • Billing info. Handled by Stripe. Hangar stores a Stripe customer ID and the last four digits of your card. We never see the full card number.
  • Agent execution logs. Inputs, outputs, tool calls, and errors from the agents you run. You can read and delete these from the dashboard.
  • Security telemetry. IP address and user-agent on auth events, kept for abuse and fraud investigation.

What we use it for

  • Running Hangar: provisioning Fly Machines, routing webhooks, executing agents.
  • Billing you accurately for what your agents actually used.
  • Debugging: when something breaks, the logs are how we figure out why.
  • Fraud and abuse prevention: blocking stolen-card signups and scraper bots.

That’s the full list. No ad targeting, no behavioural profiling, no model training on your data.

Who we share it with

  • Stripe processes payments. Your card data goes to them, not us.
  • Fly.io runs the Machines your agents execute on. They see container traffic, same as any cloud host.
  • Resend sends transactional email (login links, billing receipts).

No advertising trackers. No analytics SDKs by default. No data sales, ever.

Where it’s stored

Postgres and object storage live in Fly.io US data centers (currently iad and sjc). Backups are encrypted at rest and held in the same region.

How long we keep it

  • Active accounts: for as long as you have one.
  • Deleted accounts: soft-delete for 30 days so you can change your mind, then a hard purge.
  • Billing records: kept 7 years after the last invoice. Tax law requires this, regardless of account state.
  • Agent logs: 90 days by default. You can shorten this per agent in the dashboard.

Your rights

You can export, correct, or delete your data at any time. Most of it is already exposed in the dashboard. For anything else, email support@hangar.so and we’ll handle it within 30 days.

If you’re in the EU, UK, or California, those rights come from GDPR and CCPA. If you’re anywhere else, we offer them anyway.

Cookies

We set one essential session cookie so you stay logged in, and a CSP nonce cookie for security headers. That’s the full cookie list. No third-party analytics or advertising cookies are set by default.

Contact

Questions, complaints, or data requests: support@hangar.so. A real human reads every one.

See also: Terms of service.

Privacy — Hangar