Privacy Policy

We collect information you provide directly to us when you create an account, use our services, or communicate with us. This includes: • Account information: name, email address, password, and company name • Usage data: API requests, model usage, token consumption, and associated metadata • Payment information: billing address and payment method details (processed securely via our payment processor — we never store raw card numbers) • Communications: support tickets, feedback, and any other communications you send us We also collect certain technical data automatically when you use our services, including IP addresses, browser type, device identifiers, and request logs necessary for service operation and security.

We use the information we collect to: • Provide, maintain, and improve our services • Process transactions and send related information • Monitor and analyze usage patterns and trends • Detect, investigate, and prevent security incidents and abuse • Send technical notices, updates, security alerts, and administrative messages • Respond to your comments and questions and provide customer service • Comply with legal obligations We do not and will never sell your personal information to third parties.

By default, we do not log or store the content of your prompts or model completions. Request metadata (model used, token count, latency, timestamps) is retained for up to 90 days for billing, analytics, and abuse prevention. You may configure extended logging in your account settings for debugging purposes. Any logs you enable are stored in your account only and can be deleted at any time.

We implement industry-standard security measures including: • TLS 1.3 encryption for all data in transit • AES-256 encryption for data at rest • SOC2 Type II compliance with annual audits • Role-based access controls and audit logging internally • Regular penetration testing by third-party security firms Despite these measures, no security system is impenetrable. We encourage you to use strong API key practices and contact us immediately if you suspect unauthorized access.

Depending on your location, you may have rights including: • Access: Request a copy of the personal data we hold about you • Correction: Request correction of inaccurate or incomplete data • Deletion: Request deletion of your personal data ("right to be forgotten") • Portability: Request a machine-readable export of your data • Objection: Object to certain processing activities • Restriction: Request restriction of processing in certain circumstances To exercise these rights, email privacy@10ai.link. We will respond within 30 days.

We use essential cookies necessary for service operation (session management, authentication). We do not use advertising or tracking cookies. You can control cookie preferences in your browser settings. Disabling essential cookies may affect service functionality.

We use third-party services for payment processing (Stripe), infrastructure (AWS, Cloudflare), and analytics (internal tools only). Each of these is bound by data processing agreements ensuring GDPR compliance. We do not share your data with AI model providers beyond what is necessary to process your API requests.

For privacy-related inquiries, contact our Data Protection Officer at privacy@10ai.link or write to us at: 10ai.link Inc., 548 Market St, San Francisco, CA 94104, USA.