Privacy Policy

1. Information We Collect

Account data: name, email address, company name, billing information.

Usage data: API request logs (prompt tokens, completion tokens, model used, latency, cost). Request content is processed transiently and not stored unless you enable logging features.

Technical data: IP addresses, browser type, referrer URLs, Cloudflare analytics.

2. How We Use Your Information

• Providing and improving the Service
• Billing and account management
• Security monitoring and abuse prevention
• Sending transactional and product update emails (opt-out available)

3. Data Sharing

We do not sell your data. We share data with:

• AI model providers (Anthropic, OpenAI, Google, etc.) — only the prompt/completion content required to fulfill your request
• Infrastructure providers (Cloudflare) — for hosting and DDoS protection
• Payment processor (Stripe) — for billing
• Law enforcement — when legally required

4. Data Retention

Account data is retained for the duration of your account and 30 days after closure. API request logs are retained per your plan tier (7 days on Starter, 90 days on Pro, configurable on Enterprise).

5. Security

We implement industry-standard security: encryption in transit (TLS 1.3), encryption at rest (AES-256), SOC 2 Type II compliance, and regular penetration testing.

6. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal data. Contact privacy@prismgateway.io to exercise these rights.

7. Cookies

We use essential cookies for session management and optional analytics cookies (you can opt out). No third-party advertising cookies.

8. Changes

We’ll notify you of material changes by email. Continued use after the effective date constitutes acceptance.

9. Contact

For privacy inquiries: privacy@prismgateway.io