Privacy Policy

Last updated: March 1, 2026

Turing Dock ("we," "us," "our") operates the turingdock.com website, the app.turingdock.com dashboard, and the api.turingdock.com service (together, the "Platform"). This policy describes what information we collect, why we collect it, and what choices you have.

What We Collect

We keep data collection to what we actually need to run the service. Here is the breakdown:

  • Account info — name, email address, and authentication credentials managed through our identity provider. We need this to know who you are and to keep your account secure.
  • Payment data — when you fund your account we process payments through Stripe. We do not store full card numbers on our servers. Stripe handles PCI compliance on our behalf.
  • Transaction records — every payment made through a dock (amounts, recipients, timestamps, memos) is logged for your records and for fraud prevention.
  • Virtual card data — card numbers, expiry dates, and security codes for dock virtual cards are stored by our card issuing partner. We access them on your behalf when you or your agent requests card details.
  • API and integration activity — when an agent connects to a dock via SDK, MCP, or API, we record the integration source and last activity timestamp. This powers the connection status indicators in your dashboard.
  • Usage analytics — we use PostHog for product analytics. We track page views and feature usage to understand how people use the product. IP addresses are anonymized and we do not sell this data to anyone.

How We Use Your Information

  • To provide and maintain the Platform
  • To process payments and issue virtual cards
  • To enforce spend rules and prevent unauthorized transactions
  • To send you important account notifications (not marketing spam)
  • To debug issues and improve the product
  • To comply with legal and regulatory obligations

Third-Party Services

We work with a handful of third-party providers to run the Platform. Each handles a specific job:

  • Authentication — identity verification and session management
  • Payment processing — credit card charges and fund transfers
  • Card issuing — virtual card creation and transaction authorization
  • Hosting — infrastructure and database hosting
  • Analytics — anonymized product usage tracking

We do not sell your personal information. We do not share it with advertisers. Data goes to these providers only as needed to deliver the service.

AI Agent Access

When you connect an AI agent to a dock, that agent can access the dock's balance, spend rules, virtual card details, and transaction history through our API. The agent authenticates with a dock-scoped API key and can only access data for that specific dock — not your full account or other docks. You can revoke an agent's access at any time by pausing, freezing, or deleting the dock.

Data Retention

We keep your account data for as long as your account is active. Transaction records are retained for a minimum of seven years to meet financial record-keeping requirements. If you delete your account, we will remove your personal information within 30 days, except where we are legally required to retain it.

Your Rights

Depending on where you are located, you may have the right to:

  • Request a copy of the personal data we hold about you
  • Ask us to correct inaccurate information
  • Ask us to delete your data (subject to legal retention requirements)
  • Object to or restrict certain types of processing
  • Port your data to another service

To exercise any of these rights, email us at privacy@turingdock.com. We will respond within 30 days.

Security

All data in transit is encrypted with TLS. API keys are stored as bcrypt hashes — we cannot see your raw keys after creation. Virtual card details are held by our PCI-compliant card issuing partner and are only retrieved on demand. We follow standard security practices, but no system is bulletproof. If you discover a vulnerability, please report it to security@turingdock.com.

Cookies

We use cookies for authentication sessions and basic analytics. We do not use tracking cookies for advertising. No cookie banner, no dark patterns — just functional cookies that keep things working.

Changes to This Policy

If we make meaningful changes to this policy, we will notify you through the dashboard or by email before the changes take effect. Minor wording updates or formatting tweaks won't trigger a notification.

Questions?

Reach us at privacy@turingdock.com.