Legal

Privacy Policy

Effective: April 29, 2026

Rhatigan AGI LLC (d/b/a Rhatigan Labs) is a New Hampshire LLC. The Wisdom Layer SDK runs in your process — content never leaves your infrastructure.

The short version: The Wisdom Layer SDK runs on your infrastructure. Memory contents, directive bodies, prompts, and LLM responses never leave your hardware. Free installs send a small, anonymous counts-only telemetry payload (agent count, memory count, version, OS) by default to help us improve the SDK — you can opt out with one command. Pro and Team installs are opt-in only (off by default). Enterprise can disable telemetry contractually and supports air-gapped deploys.

1. Who We Are

Rhatigan AGI LLC (d/b/a Rhatigan Labs) (“we”, “us”) provides the Wisdom Layer SDK, a Python library for AI agent memory and reflection. Our website is wisdomlayer.ai.

2. What We Collect

We collect only the minimum data needed to operate the service:

Account data:

  • Email address (provided at signup)
  • Subscription tier and billing status
  • License key metadata (key prefix, tier, creation date, last validation)
  • ToS acceptance timestamp

Billing data:

License validation logs:

  • IP address and timestamp of license validation requests (retained 90 days)
  • Used solely for abuse detection and rate limiting

SDK telemetry (counts only):

  • A randomly generated install_id (UUID) created on first run and stored at ~/.wisdom_layer/install_id. Not linked to your email or license key.
  • Aggregate counts: number of agents, memories, messages over the last 30 days, atomic facts, dream cycles, active directives.
  • Environment: SDK version, operating system family, Python version, configured tier (free/pro/enterprise).
  • A timestamp of the snapshot.

Free installs send this payload once per day. Pro and Team installs do not send telemetry unless the user explicitly opts in. Enterprise installs default to off and may be configured for fully air-gapped operation. The payload contains no memory contents, no directive bodies, no prompts, no LLM responses, no API keys, no user data.

3. What We Do NOT Collect

Our service does not receive or store: agent memories, directives, dream journals, provenance logs, conversation content, embeddings, user prompts, or LLM responses. The SDK runs on your hardware; agent data stays on your hardware. The telemetry payload (Section 2) is counts and version metadata only — never content.

Note on cloud LLM adapters: if you configure the SDK to use a cloud LLM provider (Anthropic, OpenAI, Google, etc.), prompts and responses traverse that provider per their terms. The Wisdom Layer service does not see, route, or duplicate that traffic.

3a. Telemetry Opt-Out

You can opt out of telemetry at any time:

  • Per-install: run wisdom-layer telemetry off in your shell. The SDK writes an opt-out flag locally and stops sending payloads immediately.
  • Server-side wipe: the same command also calls our POST /v1/opt-out endpoint with your install_id. We add it to a deny-list (future payloads from that install_id are dropped before insert) and queue any existing rows for deletion within 30 days.
  • By email: if you no longer have access to the install, email privacy@wisdomlayer.ai with the install_id from ~/.wisdom_layer/install_id (or as much context as you have) and we will process the wipe manually.

4. How We Use Your Data

  • Account management and license key provisioning
  • Billing and payment processing (via Stripe)
  • Product announcements and security notifications (email, opt-out available)
  • Abuse prevention and rate limiting

5. Data Sharing

We share data only with:

  • Stripe — payment processing
  • Supabase — account database hosting (US region)

We do not sell, rent, or trade your personal information.

6. Data Retention

  • Account data: retained while your account is active, plus 30 days after deletion
  • Validation logs: 90 days
  • Billing records: as required by law (typically 7 years)
  • SDK telemetry (raw events): 12 months, after which raw rows are deleted and only aggregated daily rollups (counts by tier, version, OS) are retained indefinitely. Aggregated rollups contain no install-level identifiers.
  • Telemetry opt-out wipes: existing rows for the opted-out install_id are deleted within 30 days of the opt-out request.

7. Your Rights

You may:

  • Access your account data by emailing us
  • Correct inaccurate information
  • Delete your account (email jeff@rhatigan.ai)
  • Export your account data
  • Opt out of non-essential communications

For GDPR data subject requests regarding data processed by the SDK (which runs on your infrastructure), see the SDK documentation on memory.forget_subject() and memory.export_subject().

8. Security

  • License validation API uses HTTPS exclusively
  • Database hosted on Supabase with encryption at rest
  • No plaintext secrets in the SDK; all keys are environment variables
  • Stripe webhook signatures verified on every event

9. Cookies & Third-Party Embeds

wisdomlayer.ai does not run analytics, advertising, or session-replay services, and we do not set first-party tracking cookies. The site loads a small number of third-party assets that may set their own cookies under their respective privacy policies:

  • Beehiiv — newsletter subscription form (embedded on the homepage and docs). See Beehiiv’s Privacy Policy.
  • img.shields.io — PyPI version badge (server-rendered, no client JS).
  • Stripe — on the signup & account flows only, for payment processing. See Stripe’s Privacy Policy.

Outbound links to GitHub, PyPI, Substack, and LinkedIn open in new tabs and are subject to those services’ own policies.

10. Children

The Software is not directed at children under 13. We do not knowingly collect data from children.

11. Changes

We may update this policy. Material changes will be communicated via email. The effective date at the top reflects the latest revision.

12. Contact

Questions or requests? Email jeff@rhatigan.ai.