Privacy Policy

1. Introduction

Claudinio ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our API proxy and routing service. By using the Service, you consent to the practices described in this policy.

2. Information We Collect

We collect the following types of information:

• Account Information: When you sign in via GitHub, we receive your GitHub username, public profile information, and email address. We do not access your private repositories or other GitHub data.
• Usage Data: We collect API request metadata including timestamps, model selected, token counts (input, output, cached), request type, and total spend. We do NOT log the content of your API requests or responses (the prompt text or model outputs). Only anonymized metadata is retained.
• Payment Information: All payment processing is handled by Stripe. We do not store or have access to your full credit card numbers, bank details, or other sensitive financial information. Stripe may share limited billing information with us (e.g., payment status, subscription tier).
• Anti-fraud signals: a one-way fingerprint of your payment method and your normalized email address, used only to enforce our one-trial-per-customer policy and prevent abuse.
• Cookies and Tracking Technologies: We use a session cookie and a locale preference cookie. We also use third-party tracking technologies including Google Analytics (website traffic measurement) and Reddit Pixel (advertising effectiveness and conversion tracking). These third-party services may set cookies or use similar technologies on your device.
• Communications: If you contact us for support, we may retain the content of your messages and our responses.

3. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve the Service, including routing your API requests to third-party inference providers
• To process subscriptions, manage budgets, and handle billing through Stripe
• To detect and prevent abuse, including enforcing the one-free-trial-per-customer limit.
• To monitor usage patterns, detect abuse, and optimize routing decisions
• To debug, monitor response quality, and prevent abuse, we log API request and response content to a self-hosted observability system operated on infrastructure we control
• To comply with legal obligations and enforce our Terms of Service

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

• Third-Party Inference Providers: Your API request content (prompts and model inputs) is transmitted to third-party LLM inference providers for processing. Each provider has its own data handling practices. We recommend reviewing their respective privacy policies. We do not share your identity or account information with providers beyond what is necessary to process your requests.
• Infrastructure Hosting: Our Service is hosted on cloud infrastructure. Metadata and configuration data may be processed by our hosting providers.
• Payment Processing: Stripe processes all payments. Stripe's privacy policy applies to the payment information you provide.
• Analytics and Advertising Platforms: We use Google Analytics and Reddit’s advertising pixel (Reddit Pixel) to measure website performance and the effectiveness of our advertising. These services may receive anonymized usage data and conversion signals (such as sign-ups and subscription purchases) to help us understand how users discover Claudinio. Reddit’s pixel is governed by Reddit’s Privacy Policy.
• Legal Compliance: We may disclose information if required by law, court order, or governmental regulation, or if we believe in good faith that disclosure is necessary to protect our rights or the safety of our users.

Claudinio does not sell your personal information to third parties. Claudinio does not train AI models on your data. However, third-party inference providers operate under their own separate data policies as described above. This statement applies only to Claudinio's own practices and does not extend to third-party providers.

5. Data Retention

API request metadata (timestamps, token counts, spend), together with request and response content logged to our self-hosted observability system, is retained for up to 30 days for free-tier users and up to 90 days for paid subscribers, after which it is permanently deleted. Account information is retained until you request deletion or your account is inactive for 12 consecutive months. Billing records are retained as required by tax and financial regulations.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3) for all API communications. API keys are hashed and stored securely. However, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your information.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you
• Deletion: Request deletion of your account and associated data
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to certain processing of your personal data

To exercise any of these rights, contact us at the email address provided on our website. We will respond to your request within 30 days.

8. Third-Party Links

Our website and Service may contain links to third-party websites or services, including those of our infrastructure providers. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you interact with.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted at this URL with an updated effective date. We encourage you to review this policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.