AGORA PRIVACY POLICY

Effective Date: March 20, 2026

Agora Platforms, Inc. ("Agora," "we," "us," or "our") is committed to protecting your information. Please read this Privacy Policy ("the Policy") carefully as it sets out important information relating to how we handle your personal information.

HOW TO CONTACT US

Questions, comments, and requests regarding this Privacy Policy should be addressed to us via email at privacy@agoraintel.com or by regular mail at:

Agora Platforms, Inc.
c/o Alex Lan
WeWork, 535 Mission St, 14th Floor
San Francisco, CA 94105
USA

DATA PROTECTION OFFICER

Agora has appointed an internal data protection officer whom you may contact if you have any questions or concerns about our personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to our data protection officer:

Neil Song
Agora Platforms, Inc.
535 Mission St, San Francisco, CA 94105
neil@agoraintel.com

INTRODUCTION

This Policy sets out how we collect and use personal information, and your choices and rights regarding our use of your personal information. We recognize that information privacy is an ongoing responsibility, and we will update this Policy from time to time as we adopt new practices or policies.

This Policy applies when you:

  • Use our AI strategy platform as an enterprise customer to discover, evaluate, manage, and optimize AI solutions across your organization;

  • Visit our website or interact with our marketing materials;

  • Engage with our research or consulting services;

  • Provide product information to Agora as an AI vendor for inclusion in our product catalog.

This Policy applies whether you have provided the information directly to us or we have obtained it from publicly available sources.

Our websites and online services are for individuals who are at least 18 years old. Our online services are not designed to be used by individuals under the age of 18. We do not knowingly attempt to solicit or receive information from children.

  1. INFORMATION THAT WE COLLECT ABOUT YOU

1.1 Data Collection and Use

Information we collect directly from you includes:

  • Personal information such as name, job title, business email address, company name, and contact details;

  • Communications with you, including emails, support requests, and meeting correspondence.

We may also collect publicly available information about AI products and vendors (such as company websites, technical documentation, and industry publications) to maintain our product catalog and research database.

We use this information for certain activities, including:

  • Providing and operating our AI strategy platform;

  • Facilitating communication with enterprise customers and business contacts;

  • Conducting internal analysis and research to improve our existing products and services and create new products and services;

  • Administering our website, investigating any complaints, and providing customer service;

  • Sending marketing communications to business contacts regarding our services and products which may be of interest.

We use this information because:

  • It is necessary to perform our obligations or exercise our contractual rights;

  • It is necessary to comply with applicable laws or regulations;

  • We have a legitimate business interest to operate our business and maintain our AI strategy platform, provide and improve our services, and manage and promote our business and brand;

  • We have your consent (where required under applicable law) to use your information for marketing. Where we rely on your consent, you have the right to withdraw consent by contacting us.

Information we collect from Enterprise Platform Customers:

Our platform serves enterprise customers who use Agora as an intelligence layer to manage, evaluate, and optimize their AI portfolios. Depending on the engagement, this may involve ingesting internal customer data through read-only data connectors, API integrations, manual uploads, or AI-powered interviews with customer employees.

Categories of information we collect include:

  • Information you provide during registration and account creation, such as name, business email address, job title, company name, company size, and industry;

  • Specific research requests, including AI product criteria, use cases, budget constraints, technical requirements, and business objectives;

  • Usage information about how you interact with our platform, including searches conducted, products viewed, reports accessed, and features used;

  • Communications with our research and consulting teams;

  • Information about your product evaluation process, vendor interactions, and implementation requirements;

  • Internal operational data provided by or on behalf of the customer, which may include AI tool usage logs, chat logs, spend and procurement records, meeting notes, employee surveys, internal documents, security and compliance logs, and other materials provided via manual upload, file export, or read-only API-based data connectors (e.g., connections to tools such as Glean, OpenAI, GitLab Duo, Cursor, or similar platforms as agreed in the applicable Order Form);

  • Responses and feedback collected through Agora's AI Interviewer feature, where we conduct structured AI-powered interviews with designated customer employees to gather qualitative insights on AI tool usage, workflows, and needs. Interview participants are identified by the customer, and participation is coordinated through the customer organization;

  • Internal company documents uploaded for competitive intelligence, benchmarking, or portfolio analysis purposes.

Deployment: The platform may be deployed via Agora's cloud infrastructure or within the customer's own cloud environment (e.g., on-premises GCP deployment), as specified in the applicable agreement. Where the platform is deployed within the customer's environment, all customer data remains within that environment and does not leave the customer's infrastructure.

We use this information for certain activities, including:

  • Providing access to our AI strategy platform, research database, and product catalog of 6,000+ AI solutions;

  • Making personalized AI product recommendations based on your specific criteria;

  • Conducting custom research, discovery projects, and consulting services on your behalf;

  • Performing vendor due diligence, evaluation, and competitive intelligence analysis;

  • Building and maintaining portfolio views of the customer's AI tools, including usage analytics, cost allocation, and ROI measurement;

  • Detecting governance issues such as usage drift, out-of-scope behavior, and policy violations across the customer's AI deployments;

  • Synthesizing qualitative feedback from AI interviews to identify adoption patterns, workflow gaps, and opportunities for new AI initiatives;

  • Generating reports, visualizations, and strategic recommendations for customer stakeholders;

  • Improving our platform and services;

  • Analyzing trends in AI product adoption and buyer needs;

  • Sending you relevant updates about AI products and market trends;

  • Facilitating connections with relevant AI vendors when appropriate.

We use this information because:

  • It is necessary to perform our obligations or exercise our contractual rights;

  • It is necessary to comply with applicable laws or regulations;

  • We have a legitimate business interest to provide and improve our research and consulting services, operate our AI strategy platform, analyze market trends and buyer needs, and manage and promote our business and brand;

  • We have your consent (where required under applicable law) to use your information for marketing. Where we rely on your consent, you have the right to withdraw consent by contacting us.

Information we collect from AI Vendors:

Our platform maintains a catalog of AI products to support our customers' evaluation and discovery needs. In some cases, AI vendors may provide information directly to Agora for inclusion in this catalog.

Categories of information we may collect include:

  • Company information, including company name, website, headquarters location, and company size;

  • Product information, including descriptions, features, capabilities, technical architecture, pricing models, and deployment options;

  • Contact information for key personnel;

  • Compliance and security documentation;

  • Case studies, customer testimonials, and integration details.

We use this information to maintain our product catalog, create product profiles and comparison materials, include products in research and recommendations for our enterprise customers, and analyze market trends. We use this information on the basis of our legitimate business interests and, where applicable, our contractual obligations to vendors.

Information we collect from users of our website:

Categories of information we collect about you include:

  • Information you provide when you enter information on our website, such as when you provide contact details, answer online questionnaires, or feedback forms;

  • Information you provide when you subscribe to email newsletters such as name, email address, and job title;

  • Information you provide when registering for an account, including name, business email address, job title, organization, and direct telephone number;

  • Where you have an account, log-in credentials and information about your use of and preferences for our services.

We use this information for certain activities, including:

  • Enabling you to access your Agora account across devices;

  • Personalizing your experience of our website and platform;

  • Administering our website and platform;

  • For internal analysis and research to help us improve our existing products and services and create new products and services;

  • Providing more customized client service;

  • Investigating complaints.

We use this information because:

  • It is necessary to perform our obligations or exercise our contractual rights;

  • It is necessary to comply with applicable laws or regulations;

  • We have a legitimate business interest to promote our brand and business through our website, monitor, investigate, and report any attempts to breach the security of our website, provide and improve our services, and operate our business;

  • We have your consent (where required under applicable law) to use your information for marketing. Where we rely on your consent, you have the right to withdraw consent by contacting us.

Information we collect about the use of our website:

Categories of information we collect about you include:

  • Information captured in our web logs such as device information (e.g., device brand and model, screen dimensions), unique identification numbers (e.g., IP address and device ID), and browser information (e.g., URL, browser type, pages visited, date/time of access);

  • Information captured by our cookies (see Section 8 below).

We use this information for certain activities, including:

  • Personalizing the experience of our website;

  • Administering our website;

  • Performing statistical and trend analysis to improve the user experience and performance of our website;

  • Providing better, more customized client service;

  • Detecting and preventing fraudulent and/or unlawful use of our website, products, and services;

  • Investigating any complaints.

We use this information because:

  • It is necessary to comply with applicable laws or regulations;

  • We have a legitimate business interest to monitor, investigate, and report any attempts to breach the security of our websites, improve the performance and user experience of our websites, and customize the client experience.

1.2 Further Information

Where we collect and use information for our legitimate interests as mentioned above, a legitimate interest will only apply when we consider that your interests or rights requiring protection of your personal information do not override our legitimate interests. For more information regarding our legitimate interests as applied to your personal information, please contact us.

In certain circumstances, if you do not provide personal information which is required (for example, in relation to activating your Agora annual license), we will not be able to perform our contractual obligations or provide you with products and services. When this is the case, we will make it clear.

General Benchmarking and Research Purposes: Agora may use information provided by AI vendors, collected from public sources, or gathered through buyer interactions (collectively "Research Data") for validation, research, benchmarking purposes, and product development. Unless otherwise specified prior to collection, Research Data will be disclosed in the aggregate and presented in anonymous form and will not include (directly or by inference) any information identifying specific organizations or individuals as the source of such data, except where vendors have explicitly authorized us to share their information with buyers. Access to Research Data will be restricted to those individuals who need such access to deliver Agora products and services.

  1. WHEN WE DISCLOSE YOUR PERSONAL INFORMATION

We may disclose your personal information to third parties as follows:

  • When we have your consent or authorization to do so;

  • To enterprise customers using our platform, we may share AI vendor product information as part of our product catalog and research services;

  • To third parties who work on our behalf to service or maintain business contact databases and other IT systems, such as suppliers of the IT systems which we use to process personal information, or who provide other technical services, including third-party AI model providers used to power platform features;

  • To third parties providing services to us or on our behalf who have a need to access your information, such as our professional advisors (e.g., auditors and lawyers);

  • To comply with applicable laws, protect rights, safety, and property, and respond to lawful requests from public authorities (e.g., disclosing data in appropriate situations for national security or law enforcement purposes);

  • Subject to applicable law, in the event that Agora is merged, sold, or in the event of a transfer of some or all of our assets (including in bankruptcy), or in the event of another corporate change, in connection with such a transaction, or for pre-transaction review in relation to such transactions.

Your personal information may be shared if we anonymize and/or aggregate it, as in these circumstances the information will cease to be personal information.

A list of our third-party sub-processors is available upon request. Please contact privacy@agoraintel.com to obtain a current copy. We will notify customers at least thirty (30) days in advance of any additions to or removals from our sub-processor list.

We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.

Third-Party AI Model Providers: Our platform utilizes third-party AI models to process data and generate intelligence outputs. We maintain agreements with all third-party AI model providers to ensure that no customer data is used to train, fine-tune, or improve any provider's models, and that no customer data is retained by such providers after processing is complete. For further details on our data handling practices with enterprise customers, please refer to our Terms and Conditions.

Data Ownership and Usage Rights

For Enterprise Platform Customers:

  • Custom Research and Deliverables: Any custom research, analysis, reports, or deliverables we produce specifically for you based on your data and requirements remain confidential to you and will not be shared with other parties without your explicit consent.

  • Your Internal Data: Customer data provided through data connectors, uploads, or AI interviews is used solely to provide the platform and services to that customer. It is not shared with other customers or used to benefit other engagements.

  • Collected Intelligence: Information we gather from AI vendors, public sources, or third-party sources in the course of serving you becomes part of our broader product intelligence database. We own this data and may use it to serve other clients, create market reports, and improve our platform.

  • Your Logo: We may display your company logo as a client reference, but we will not publicly disclose the specific nature of our work together without your explicit consent.

For AI Vendors:

  • Product Information: AI vendor information provided to Agora or collected from public sources may be included in our product catalog and shared with enterprise customers as part of our research and evaluation services.

  • Market Intelligence: We may use vendor information in aggregate market analyses, trend reports, and benchmarking studies.

  1. DATA SUBJECT RIGHTS

In certain circumstances, you have certain rights regarding your personal information. A summary of each right and how you can exercise it is set out below. To exercise any of your rights, please email us at privacy@agoraintel.com. Such requests should include information to allow us to verify your identity (e.g., your name, address, email address, or other information reasonably required). If you are a California resident, please refer to Section 10 below for more detailed information on your rights under California law.

Where we receive your request to exercise one of these rights, we will respond without undue delay and within the time required by applicable law. This may be extended in certain circumstances, for example where requests are complex or numerous.

We will provide the information free of charge, except where requests are manifestly unfounded or excessive, for example because of their repetitive character. In these circumstances we may charge a reasonable fee or may refuse to act on the request. We will advise you of any fees prior to proceeding with a request. We may ask for additional information to verify your identity before carrying out a request.

Right to access and/or correct your personal information: You have the right to access personal information we hold about you and to be provided with a copy of the information (in most circumstances). You also have the right to correct any information we may hold about you that is inaccurate.

Right to restrict use of your personal information: You have the right to ask us to restrict processing of your personal information where one of the following applies: the processing is unlawful but you want us to restrict use of the data instead of deleting it; where you contest the accuracy of your personal information, the restriction will apply until we have verified the accuracy or corrected your personal information; we no longer require the personal information for the purposes of processing, but are required to keep it in connection with a legal claim; or you have exercised your right to object to the processing, and the restriction will apply until we have taken steps to verify whether we have compelling legitimate grounds to continue processing.

Right to request deletion of your personal information: You have the right to ask us to delete your personal information in certain circumstances. If you want to opt out from receiving marketing communications, the best way to do so is to allow us to retain your information with a "do not contact" tag so we know not to contact you in the future. There are certain exceptions where we may refuse a request for erasure, for example where the personal information is required to comply with a legal obligation or for the establishment, exercise, or defense of legal claims.

Right to object to processing of your personal information: You may object to our use of your personal information for marketing purposes. You may also object to processing of your personal information in cases where we have used legitimate interests as the basis for processing. In such cases, we will stop processing your personal information until we verify that we have compelling legitimate grounds for processing that outweigh your interests, rights, and freedoms in asking us to stop processing the data, or in limited cases where we need to continue processing the data for the establishment, exercise, or defense of legal claims.

Right to data portability: In most cases, you have the right to receive all personal information you have provided to us in a structured, commonly used, and machine-readable format and to transmit this data to another data controller, where technically feasible.

Right to lodge a complaint with a supervisory authority: If you object to our processing of your personal information, you have the right to complain to the data protection authority ("DPA") in the country where you reside, where you work, or where the alleged infringement of data protection laws has taken place. We agree that any disputes regarding our privacy policies and related actions regarding personal information from data subjects in the EU can be heard by a DPA and we will be subject to the determination of those bodies. Please contact us to be directed to the relevant DPA.

  1. INTERNATIONAL TRANSFERS

Agora is headquartered in the United States. Information we collect about you will be processed in the United States. By using Agora's services, you acknowledge that your personal information will be processed in the United States.

We may transfer and maintain the personal information of individuals covered by this Policy on servers or databases outside the European Economic Area ("EEA"). Some of these countries may not have the equivalent level of protection under their data protection laws as in the EEA. The United States has not sought nor received a finding of "adequacy" from the European Union under Article 45 of the GDPR.

We implement appropriate safeguards for international data transfers, including Standard Contractual Clauses where required, and maintain consistent technical, physical, and administrative security controls across all locations. We also enter into data processing agreements and model clauses with our vendors whenever feasible and appropriate.

We may also collect and transfer personal data to the U.S. with consent, to perform a contract with you, or to fulfill a compelling legitimate interest in a manner that does not outweigh your rights and freedoms.

  1. RETENTION PERIODS

We will retain your personal information for as long as required to perform the purposes for which the data was collected, depending on the legal basis for which that data was obtained and/or whether additional legal or regulatory obligations require us to retain it.

In general terms, this will mean that your personal information will be kept for the duration of our relationship with you and:

  • The period required by tax and company laws and regulations; and

  • As long as it is necessary for you to be able to bring a claim against us and for us to be able to defend ourselves against any legal claims. This will generally be the length of the relationship plus the length of any applicable statutory limitation period under local laws.

Enterprise Platform Customers: Upon termination or expiration of a services agreement, we will, at the customer's written request made within thirty (30) days of termination, return or make available for export all customer data in a commercially standard format. Following such return (or upon expiration of the 30-day request period), we will delete customer data from our systems within thirty (30) days, except to the extent retention is required by applicable law. Operational logs containing customer data inputs and outputs are retained for ninety (90) days for service reliability and debugging purposes and are automatically purged thereafter. Custom research and deliverables produced specifically for a customer will be deleted or anonymized upon account closure. For full details, please refer to our Terms and Conditions.

AI Vendors: Product information provided by or collected about AI vendors may be retained in our product catalog as part of our ongoing research database. Vendors may request updates to inaccurate information or removal subject to our legitimate business interests.

  1. CHOICES ABOUT YOUR INFORMATION

We believe it is important to give you choices about the use of your information. We will use your information as described in this Policy. If we want to use your information for a purpose not described in this Policy, we will first get your consent to do so.

Marketing Communications: We will respect your wishes not to receive marketing communications. You can change your marketing preferences by contacting us at privacy@agoraintel.com. If you gave us your email address to receive marketing communications, you can opt out at any time by using the unsubscribe links or instructions included at the bottom of our emails. Please note that we will continue to send you service-related communications regardless of any opt-out request. We will not sell or share your information with third parties for their own promotional or marketing purposes.

  1. SECURITY

We have implemented administrative, technical, and physical security measures to help prevent unauthorized access to personal information. These measures include encryption of data at rest and in transit, multi-factor authentication requirements for access to production systems, role-based access controls, and least-privilege access principles. Where customer data may contain personally identifiable information, we offer PII redaction as a preprocessing step prior to data ingestion.

Despite these measures, no data transmission over the Internet can be entirely secure, and we cannot guarantee or warrant the security of any information you transmit via our websites or applications. Please note that you are responsible for maintaining the security of your credentials used to access any Agora service or account, and you must report suspected unauthorized activity to us.

We make reasonable efforts to restrict access to information to only those employees, contractors, and agents who need such access in order to operate, develop, improve, or deliver our programs, products, and services. Customer data is not subject to routine human review by our employees or contractors. Access is limited to authorized personnel only where necessary for technical support, security incident response, or compliance with legal obligations, and such access is governed by internal access controls and confidentiality obligations.

Incident Notification: In the event of a confirmed security breach or unauthorized access to personal information, including breaches involving a third-party provider, we will notify affected individuals within twenty-four (24) hours of confirmation, or sooner if required by applicable law or the terms of any applicable Data Processing Addendum.

For enterprise platform customers, additional security terms and data handling commitments are set forth in our Terms and Conditions and any applicable Data Processing Addendum.

  1. COOKIES AND SIMILAR TECHNOLOGIES

A cookie is a small text file which includes a unique identifier that is sent by a web server to the browser on your computer, mobile phone, or any other internet-enabled device when you visit an online site. Cookies and similar technologies are widely used to make websites work efficiently and to collect information about your online preferences.

We use cookies and similar technologies to:

  • Keep you signed in to your account;

  • Understand how you use our platform;

  • Personalize your experience;

  • Improve our services;

  • Analyze platform performance.

We also include web beacons in email messages or newsletters to track whether you open the messages. We use this information to customize our services and measure the overall effectiveness of our communications.

If you wish to manage your cookie preferences, you can do so through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling cookies may affect the functionality of our platform.

  1. THIRD-PARTY LINKS AND SERVICES

We provide links to other websites or resources that are not part of the products, programs, or services run by Agora. We do not control these websites or their privacy practices, and any information you provide to these sites is subject to the privacy policies of those sites and not this Policy.

Our platform may also contain features that connect to third-party services. If you choose to share information from the Agora website or platform through these services, you should review the privacy policy of that service.

  1. CALIFORNIA PRIVACY RIGHTS AND NOTICE OF COLLECTION

California law requires us to provide California residents with additional information regarding how we collect, use, and share your personal information.

Categories of personal information we collect: In Section 1 above, and otherwise throughout this Policy, we discuss in detail the specific pieces of information we collect from and about users. The categories of personal information we collect are: identifiers (such as name and title, contact details, and company name); commercial information (such as products or services purchased or considered); internet or other network or device activity (such as browsing history); professional information (such as job title, company, and industry); and other information that identifies or can be reasonably associated with you.

Use of categories of personal information: We use the categories of personal information identified above for the purposes described in Section 1 of this Policy.

Sale of Personal Information: We do not sell your personal information and have not done so in the past twelve months.

Sharing of Personal Information: We share certain information as set forth in Sections 1 and 2 of this Policy. You can opt out of sharing your personal information for cross-context behavioral advertising by emailing us at privacy@agoraintel.com.

Individual Rights: California law provides you with the following rights: the right to know (request categories and specific pieces of personal information we have collected about you in the last twelve months); the right to access (request access to and a copy of your personal information); the right to delete (request deletion of your personal information); the right to correct (request correction of inaccurate personal information); and the right to non-discrimination (we will not discriminate against you for exercising your rights).

Exercising Your Rights: To exercise any of these rights, please email us at privacy@agoraintel.com. You will be required to verify your identity before we fulfill your request. You can also designate an authorized agent to make a request on your behalf by providing written authorization. We will respond to your request within 45 days.

Do Not Track Signals: We do not currently respond to "Do Not Track" signals from web browsers.

  1. NEVADA PRIVACY RIGHTS

Nevada law requires us to provide certain Nevada consumers the ability to opt out of the "sale" of "personally identifiable information" as such terms are defined under Nevada law. We do not engage in such activity; however, if you are a Nevada resident who has purchased goods or services from us, you may submit a request to opt out of any potential future sales under Nevada law by emailing privacy@agoraintel.com.

  1. EEA AND UK PRIVACY RIGHTS

This section applies to individuals based in the EEA and UK.

Legal Basis for Processing: We collect and process personal information about you only where we have a legal basis for doing so. These bases include: your consent, where appropriate or legally required; performance of contract, where we need to provide our services under our agreement with you; legitimate interests, where we need to operate our AI strategy platform and improve our services; and compliance with laws, where we need to comply with legal obligations.

Your Privacy Rights: You have the following rights related to your personal information: the right of access (request access to your personal information and information about how we use it); the right to rectification (request correction of inaccurate or incomplete information); the right to data portability (request a copy of your information in a structured, machine-readable format); the right to erasure (request deletion of your personal information in certain circumstances); the right to restriction of processing (request that we stop processing your information in certain circumstances); the right to object (object to our processing based on legitimate interests); and the right to withdraw consent (withdraw consent where you have provided it).

Exercising Your Rights: To exercise any of these rights, please contact us at privacy@agoraintel.com. We will respond to your request within 30 days. If you have unresolved concerns, you have the right to complain to your local data protection authority.

  1. CHANGES TO THIS POLICY

From time to time, we may change and/or update this Policy. If this Policy changes in any way, we will post an updated version on our website. We recommend you regularly review our website to ensure that you are always aware of our information practices and any changes to such. Any changes to this Policy will go into effect on posting to the relevant page.

HOW TO CONTACT US

Questions, comments, and requests regarding this Privacy Policy should be addressed to:

Agora Platforms, Inc.
c/o Alex Lan
WeWork, 535 Mission St, 14th Floor
San Francisco, CA 94105
USA

Email: privacy@agoraintel.com

(c) 2026 Agora Platforms, Inc. All rights reserved.