Security

How Farol handles your data — no jargon, no vague promises.

What we store

Run metadata — agent name, status, duration, token counts, cost, and errors. That’s it. We do not store your prompts, LLM responses, or any content from your agent unless you explicitly enable capture_io=True.

Prompts are never stored by default

By default, Farol only tracks metadata. To store prompt inputs and outputs, you must explicitly set capture_io=True in the @trace decorator. Even then, inputs and outputs are truncated at 50,000 characters. Never enable this for sensitive or regulated data.

Encrypted in transit and at rest

All data is encrypted in transit using TLS 1.3. Data at rest is encrypted using AES-256 via Supabase’s managed infrastructure. Your API keys are never stored in plain text.

Your data stays in the EU

Farol runs on Supabase hosted in AWS eu-west-3 (Paris, France). Your data never leaves the European Union. We do not transfer data to third-party analytics or advertising services.

You can only see your own data

Row-level security (RLS) is enforced on every database table. Your runs, traces, and settings are completely isolated from other users — even at the database level. Farol staff cannot query your data without direct database access.

Delete everything, anytime

Go to Account settings → Danger Zone → Delete account. All your runs, traces, spans, API keys, and settings are permanently deleted within 24 hours. No backups retained. This action is irreversible.

GDPR compliance

Farol is operated from the European Union and stores all data in EU infrastructure. As a user, you have the right to access, correct, and delete your personal data at any time. To exercise these rights, delete your account from settings or contact support@usefarol.dev. See our full Privacy Policy for details.