AskFirst Logo
How it worksIntegrationsPricing
Join waitlist
Legal

Privacy Policy

Last updated: June 16, 2026

On this page
  1. Overview
  2. Who we are
  3. What we collect
  4. How we use it
  5. Legal bases
  6. Sharing & processors
  7. Data retention
  8. Security
  9. International transfers
  10. Your rights
  11. Cookies
  12. Children
  13. Changes
  14. Contact

This Privacy Policy explains how AskFirst collects, uses, shares, and protects personal data when you visit aiskfirst.com, join our waitlist, or use the AskFirst API and related services (the "Service"). We aim to collect only what we need to run the Service well.

01 Overview

AskFirst is a human-in-the-loop approval layer for AI agents. To provide it, we process a small amount of personal data — primarily email addresses and the approval-related information you choose to send through the Service. We do not sell your personal data.

02 Who we are

The Service is operated by AskFirst ("AskFirst", "we", "us"). For privacy questions, contact us at privacy@aiskfirst.com. Where data-protection law applies, we act as the controller for data about our website visitors and account holders, and as a processor for the approval content you submit on behalf of your own users.

03 What we collect

CategoryExamplesSource
Waitlist dataEmail address you submit to join the waitlistYou
Account dataName, email, organization, and login credentials (when accounts launch)You
Approval contentQuestions, context, metadata, decisions, and timestamps in your Approval Requests; Approver email addresses you provideYou / your Agent
Audit recordsWho approved or denied what, when, and the resulting decision logGenerated by the Service
Billing dataPlan, billing contact, and payment confirmation (card details are handled by our payment processor, not stored by us)You / payment processor
Technical dataIP address, device/browser type, API request logs, and basic usage analyticsAutomatically

Please avoid putting sensitive personal data (such as health, financial, or government-ID details) into Approval Request questions or context unless it is necessary and you have a lawful basis to do so.

04 How we use it

  • To provide the Service — routing Approval Requests, notifying Approvers, returning decisions, and keeping audit logs;
  • To manage the waitlist and send you a notification when we launch;
  • To create and administer your account and process payments;
  • To secure the Service, prevent abuse, and debug issues;
  • To understand usage and improve features and reliability;
  • To communicate with you about the Service, and (where permitted) about product updates — you can opt out of marketing at any time;
  • To comply with legal obligations and enforce our Terms.

05 Legal bases (where GDPR applies)

  • Contract— to provide the Service you've requested and manage your account;
  • Consent — for joining the waitlist and for optional marketing emails;
  • Legitimate interests — to secure, maintain, and improve the Service, where not overridden by your rights;
  • Legal obligation — to meet accounting, tax, and compliance requirements.

06 Sharing & processors

We do not sell your personal data. We share it only with service providers ("sub-processors") who help us run the Service, under appropriate contracts, and where required by law. Typical categories include:

  • Email & notification providers — to deliver waitlist confirmations and Approval Request notifications;
  • Messaging integrations — e.g., Slack, when you enable them;
  • Payment processor — to handle subscriptions and billing;
  • Hosting & infrastructure — to host the Service and store data;
  • Analytics & error monitoring — to keep the Service reliable.

At present we use Resend to deliver waitlist confirmations and email notifications, Slack to deliver notifications when you enable that integration, a third-party payment processor for paid plans, and a hosting provider to run the Service. We keep this list current as our providers change. We may also disclose data if required by law or to protect our rights, users, or the public.

07 Data retention

We keep personal data only as long as needed for the purposes above. Waitlist emails are kept until launch and then either migrated to your account (with notice) or deleted on request. Audit logs are retained for the period associated with your plan and are deleted or anonymized within 12 months of account closure. We respond to deletion requests within 30 days unless a longer period is required by law.

08 Security

We use reasonable technical and organizational measures — such as encryption in transit, access controls, and API-key authentication — to protect personal data. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. If a breach affects your data, we will notify you as required by law.

09 International transfers

We and our providers may process data in countries other than yours. Where required, we use appropriate safeguards (such as standard contractual clauses) to protect data transferred across borders.

10 Your rights

Depending on where you live (e.g., under the EU/UK GDPR or similar laws), you may have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate data or complete incomplete data;
  • Delete your data ("right to be forgotten");
  • Restrict or object to certain processing;
  • Receive your data in a portable format;
  • Withdraw consent at any time (including unsubscribing from emails);
  • Lodge a complaint with your local data-protection authority.

To exercise any of these, email privacy@aiskfirst.com. We will respond within the timeframe required by applicable law.

11 Cookies

Our website currently uses only the minimal cookies and similar technologies needed to operate the site and submit the waitlist form. We do not currently set advertising cookies or third-party tracking. If we add analytics or marketing cookies in the future, we will describe them here and provide a consent mechanism where required. You can control cookies through your browser settings.

12 Children

The Service is not directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us data, contact us and we will delete it.

13 Changes to this policy

We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, for material changes, provide additional notice where appropriate.

14 Contact

Questions or requests about your privacy? Contact privacy@aiskfirst.com.

AskFirst Logo
Terms & ConditionsPrivacy Policy

© 2025 AskFirst. Built for AI agent builders.