Privacy & Security

Data Handling

Gyld takes data security seriously. Here's how your data is handled:

• •App connections use OAuth — Gyld never stores your passwords. Connections can be revoked at any time from the app provider's security settings.
• •Conversation history is stored securely and isolated per user — no cross-user access.
• •Tool inputs and outputs are logged with automatic secret redaction (API keys, tokens, passwords are stripped).
• •All data is transmitted over HTTPS/TLS encryption.

Audit Logs

Every action your agents take is logged in an append-only audit trail. These logs are immutable — they cannot be modified or deleted by the application. Audit logs include:

• •Which agent performed the action.
• •What tools were called and when.
• •Success or failure status of each action.
• •Credit cost and token usage.
• •Redacted tool inputs and outputs for traceability without exposing secrets.

Account Security

• •Authentication is handled via Supabase Auth with email/password or social providers.
• •Row-level security ensures you can only access your own data.
• •API keys for programmatic access can be generated and revoked from settings.
• •Session management lets you see and revoke active sessions.