Last updated: April 4, 2026
Veto (“we”, “us”) is a runtime authorization engine for AI agents. We take your privacy seriously — especially since our product is about controlling what AI can access.
Account data: When you sign up, we collect your name and email address via Clerk (our authentication provider).
Authorization logs: When your agents make authorization requests, we log the agent ID, tool name, parameters (with sensitive values redacted), the decision (allow/deny), and a timestamp. These logs are stored in your workspace and only accessible to you.
Usage data: We collect basic analytics (page views, feature usage) via Vercel Analytics to improve the product.
We never collect, store, or have access to: your agents' actual API keys or credentials, the content your agents process, or any data your agents read/write. Veto only sees the authorization request metadata — never the payload.
All data is stored on Neon (serverless Postgres) with encryption at rest. API traffic runs through Cloudflare Workers at the edge. We do not sell or share your data with third parties.
Audit log retention depends on your plan (7 days on Free, 90 days on Pro, unlimited on Enterprise). You can request deletion of your account and all associated data by contacting us at hello@veto.tools.
Questions about privacy? Email hello@veto.tools.