Privacy Policy

Effective: 21 June 2026 · Sill Labs Inc.

This policy explains how Sill Labs Inc. (“Sill,” “we,” “us”) handles personal data in connection with the sill.so website, the Sill dashboard, and the Sill service. We sell trust and governance infrastructure; keeping this description accurate to what the product actually does is part of the product.

01 Who we are, and our two roles

Sill Labs Inc. is the data controller for personal data about our own website visitors and dashboard users — for example, the email and name you use to sign in. For this, the controller is Sill Labs Inc., and you can reach us at [email protected].

For personal data we process on behalf of a merchant who uses Sill — for example, signals about AI agents visiting the merchant’s site, or buyer details inside a transaction — the merchant is the controller and Sill acts as a processor under their instructions. If you are an end customer or your request concerns that data, please contact the merchant; we will support them in responding. The terms of that processing are set out in our Data Processing Addendum.

02 Personal data we process

Category | What it includes | Legal basis (GDPR Art. 6)
Account & user data | Name, work email, role, and account membership for dashboard users. | Performance of a contract (Art. 6(1)(b))
Authentication metadata | Hashed magic-link tokens and hashed session identifiers (raw values are never stored), plus the IP address and user-agent recorded at sign-in for security and abuse prevention. | Legitimate interests — account security (Art. 6(1)(f))
Agent-traffic signals | On a merchant’s site, the embed records the visiting agent’s user-agent, declared client hints, and the request origin. It does not read cookies, local storage, form data, query strings, or device fingerprints. | Processed for the merchant (controller); Sill acts as processor
Audit & mandate records | Signed records of governed actions: decision, policy version, rule trace, and a verified intent summary (action, merchant, SKU, amount). Records are append-only and Merkle-chained. | Processed for the merchant; legitimate interests / legal obligation for evidence
Buyer detail (transactional) | Where a transaction requires it, the buyer’s email, name, phone, and shipping address — stored encrypted (AES-256-GCM, per-row KMS-wrapped keys) with a per-account retention window. Full card numbers are never collected or stored. | Processed for the merchant (controller); Sill acts as processor
Connector credentials | Merchant platform access tokens (e.g. Shopify), stored encrypted. These are the merchant’s secrets, not personal data. | Performance of a contract (Art. 6(1)(b))

We do not collect or store full payment card numbers. In transactional mode, payments are authorized through the merchant’s payment processor (e.g. Stripe); Sill handles only opaque processor tokens. Sill never custodies funds.

We receive buyer details and agent-traffic signals from the merchant whose site you interacted with, and process them on that merchant’s behalf rather than collecting them from you directly.

03 How and why we use personal data

  • To provide, secure, and operate the dashboard and the Sill service.
  • To authenticate sign-in (magic link) and protect accounts against abuse.
  • To produce the signed, exportable audit records that are the core of the service.
  • To suggest skills by analyzing a merchant’s own public website content.
  • To communicate with you about your account and service-related matters.
  • To comply with legal obligations and to establish, exercise, or defend legal claims.

We do not sell personal data, and we do not use it for third-party advertising. We do not run behavioral analytics or third-party tracking on our sites.

Where we rely on legitimate interests, those interests are securing accounts against abuse and maintaining tamper-evident evidence of governed actions. You can object at any time (see Section 8).

Automated evaluation. In transactional mode, an automated policy engine evaluates each agent action and returns allow, deny, or escalate; “escalate” routes the action to a human reviewer in the merchant’s organization. These decisions are made on the merchant’s behalf under the merchant’s configured policy — the merchant is the controller for them. Separately, we use an automated language model (operated by Anthropic) over a merchant’s own public website to suggest skills; this does not process buyer personal data. We do not use these systems to make decisions producing legal or similarly significant effects about you on our own behalf.

04 Cookies and similar technologies

The Sill dashboard sets one strictly necessary cookie, sill_session, to keep you signed in. It is HttpOnly, Secure, scoped to .sill.so, and expires after 14 days. We do not set advertising or analytics cookies.

The Sill embed installed on a merchant’s site sets no cookies and uses no local storage; it sends a single beacon describing the visiting agent. Our web fonts are self-hosted and served from our own origin, so loading our pages makes no third-party font requests and shares your IP address with no font provider.

05 Service providers (subprocessors)

We use a small set of vendors to run the service. We put data-protection terms in place with these providers as appropriate to their role. The current list:

Provider | Purpose | Data | Location
Amazon Web Services, Inc. (KMS, Secrets Manager, SES) | Key management, secret storage, and transactional email delivery (magic-link sign-in, operator notifications) | Recipient email address and message contents for email; encrypted key material and secrets (no personal-data plaintext) | United States (us-east-1)
Cloudflare, Inc. | Edge runtime, CDN, and hosting for the dashboard and marketing site; edge key-value cache and queues | Request metadata and IP at the edge; cached hashed site keys, public agent registry, and policy snapshots. No buyer personal data and no user sessions are stored in the edge cache. | Global edge network
Fly.io | Hosting for the origin API service | All application data in transit through the API (see the categories in Section 2) | United States (iad / Virginia)
Neon, Inc. | Managed PostgreSQL database — the primary datastore | Account and user records, sessions (hashed), audit records, and encrypted buyer-detail / payload blocks | United States (us-east-1)
Anthropic, PBC | Large-language-model inference for merchant-site profile extraction (skill suggestions) | The merchant’s own public website and policy-page content (HTML-stripped). No buyer personal data. | United States

The subprocessor list for merchant data is also maintained in our Data Processing Addendum.

Connected services you authorize. When you connect your own payment or commerce providers, Sill exchanges data with them on your instruction. They act as independent controllers or as your own processors — not as Sill’s subprocessors:

Service | Role | Data | Location
Stripe, Inc. | Payment processing — independent controller; the merchant’s own connected account | Amount, currency, payment-method or token reference, connected-account id, and non-personal mandate metadata. No buyer name, email, or address. | United States / global
Shopify Inc. | Commerce platform — the merchant’s own connected store (their processor / independent controller) | Order and catalog operations; for order placement, buyer shipping address and line items are sent to the merchant’s Shopify store. | Canada / United States / global

06 International data transfers

Sill operates in the United States (AWS us-east-1 / Fly.io iad; Neon us-east-1). If you access the service from outside the United States, your personal data will be transferred to and processed in the United States. Where we transfer personal data of individuals in the EEA, the UK, or Switzerland, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses, as described in our DPA.

07 How long we keep data

Data | Retention
Dashboard session cookie | 14 days (rolling); cleared on sign-out
Magic-link sign-in tokens | Short-lived; expired tokens swept daily
Buyer detail (encrypted) | Per-account retention setting, 90 days by default, then the ciphertext is purged
Shopify order-state buyer fields | Minimized at rest (one-way email hash + encrypted display name); short-term class by default
Payment-token references (e.g. ACP) | Minutes — purged on a short cycle
Audit records | Retained for at least their classified period (30 days, 3 years, or 7 years); records are immutable and signed, and deletion of expired records is being rolled out

Buyer detail is stored encrypted and is purged automatically at the end of its retention window; account administrators can also purge the buyer detail on a specific audit record on request. Audit records are retained for the period set by their classification so they remain available as evidence.

08 Your rights

Subject to applicable law, you have the right to access, correct, delete, restrict, or object to our processing of your personal data, to data portability, and to withdraw consent where processing is based on consent. To exercise any of these for data where Sill is the controller, email [email protected]. For data Sill processes on a merchant’s behalf, contact that merchant; we will assist them.

If you are in the EEA, the UK, or Switzerland, you may lodge a complaint with your local supervisory authority. If you are in the EEA or the UK and have questions about your rights, or about any representative we are required to designate under Article 27, contact our data-protection team at [email protected].

09 How we protect data

  • Encryption in transit (TLS) for all connections, including to the database.
  • Encryption at rest for sensitive data using AES-256-GCM with per-row, KMS-wrapped data-encryption keys and purpose-scoped keys.
  • ed25519 cryptographic signing of audit records, with an append-only, Merkle-chained, tamper-evident log enforced at the database level.
  • Multi-tenant isolation enforced with PostgreSQL row-level security keyed to the account, failing closed; buyer-detail reads are additionally gated by user role.
  • Card data minimization: only opaque processor tokens are handled; raw card numbers never enter any Sill system, enforced by an automated check in the build pipeline.
  • Access logging of privileged actions, including any decryption or purge of buyer detail.
  • Secrets held in a managed secrets store with least-privilege access; passwords and tokens stored only as hashes.

No system is perfectly secure, but these measures reflect how the product is actually built.

10 Children

Sill is a business service and is not directed to children. We do not knowingly collect personal data from children.

11 Changes to this policy

We may update this policy as the product evolves. We will revise the effective date above and, for material changes, take additional steps where required by law.

12 Contact us

Sill Labs Inc. · Privacy: [email protected] · Legal: [email protected].