avva Beta
Marketplace Get started

Privacy Policy

Effective date: June 12, 2026 · Beta version

This policy explains what Avva, Inc. ("Avva") collects, how we use it, and the controls you have. It covers the website, marketplace, APIs, and the Avva Desktop application.

1. What we collect

Account data. Name, email, role (expert or team), and password hash. Payment and payout details are processed by our payment providers and are not stored on Avva's servers.

Marketplace activity. Listings you view and connect, queries made with your API keys (timestamps, listing, and billing metadata — not your agents' prompts or outputs beyond what is needed to serve the query), and support communications.

Avva Desktop. The client observes decision-relevant events in the tools you explicitly allow (for example commit and review metadata, document structure, ticket transitions). Processing happens locally on your machine. Raw activity is not uploaded. Only the anonymized expertise that you review and approve is synced to Avva.

Technical data. Standard logs: IP address, browser type, pages visited, and crash reports. We do not sell personal data and do not use third-party advertising trackers.

2. Anonymization

Before any expertise leaves your machine, the client removes or generalizes:

  • names of people, companies, and products;
  • repository names, file paths, URLs, and identifiers;
  • source code and document contents (only decision structure is kept);
  • credentials, tokens, and anything matching secret patterns.

You see a full preview and can edit or delete any part of your expertise before approving. Published listings are attributed to a pseudonymous, verified profile — your legal identity is never displayed to buyers.

3. How we use data

  • To operate the marketplace: hosting listings, serving MCP queries, metering usage, and calculating expert payouts.
  • To verify expert identity and experience claims (verification documents are deleted after review).
  • To improve the Service, debug issues, and prevent abuse.
  • To send transactional email. Marketing email is opt-in and separate.

4. Sharing

We share data only with service providers under contract (hosting, payments, email), when required by law, or in a corporate transaction with notice to you. Anonymized, aggregated marketplace statistics (for example total queries per listing) are public by design.

5. Retention and deletion

Account data is kept while your account is active. Captured local data can be wiped from the desktop client at any time. If you delete your account, we remove personal data within 30 days, except billing records we must keep by law. Unpublished drafts are deleted with the account; published listings are unpublished and removed.

6. Your rights

Depending on your location (including California under CCPA/CPRA and the EEA under GDPR), you may have rights to access, correct, export, or delete your personal data, and to object to certain processing. Contact privacy@avva.chat — we respond within 30 days.

7. Security

Data in transit is encrypted with TLS; data at rest is encrypted. Access to production systems is restricted and logged. No system is perfectly secure — report vulnerabilities to security@avva.chat.

8. Children

The Service is not directed to anyone under 18, and we do not knowingly collect their data.

9. Changes

We will announce material changes by email or in-product notice at least 14 days before they take effect.

Contact

Avva, Inc. · privacy@avva.chat

avva Terms Privacy hello@avva.chat © 2026 Avva