// legal/privacy-policy

Privacy Policy

Last updated: April 17, 2026

LLMAI ("we", "our", "us") operates the website at llmai.dev and the developer console at console.llmai.dev. This Privacy Policy explains what data we collect, why we collect it, how we use it, and what rights you have over it.

By accessing or using LLMAI services, you agree to the practices described in this policy. If you do not agree, please discontinue use of our services.

// section 01

Information We Collect

Account Information

When you register, we collect your email address and a hashed password (or OAuth identity token if you sign in via Google). We do not store plain-text passwords.

Usage & API Data

We log API requests routed through api.llmai.dev, including the model name, token counts (input and output), timestamp, and the API key used. We do not permanently store the content of your prompts or completions beyond what is necessary to compute billing.

Billing & Payment

Payments are processed by Stripe. We do not store card numbers or full payment instrument details. We retain records of top-up amounts and transaction timestamps for billing history displayed in your console.

Technical & Diagnostic Data

We collect standard web server logs (IP address, browser user agent, referrer, HTTP status codes) to operate, secure, and improve the service. These logs are retained for a limited period and are not sold or shared for advertising purposes.

Contact Form Submissions

When you use the contact form at llmai.dev/contact, we collect your name, email address, subject, and message text in order to respond to your inquiry.

// section 02

How We Use Your Data

  • Operate and maintain the LLMAI API gateway and console.
  • Calculate per-token usage and deduct the correct amount from your prepaid balance.
  • Send transactional emails (account verification, receipt confirmations, critical service notices).
  • Respond to support requests submitted through our contact form.
  • Detect, investigate, and prevent abuse, fraud, and security incidents.
  • Improve service reliability, performance, and feature quality.
// section 03

Data Sharing & Third Parties

We do not sell your personal data. We share data only in the following limited circumstances:

  • ·Upstream AI Providers: Your API requests are forwarded to the relevant upstream provider (e.g., OpenAI, Google, DeepSeek). These providers receive only the request payload required to fulfil inference — they do not receive your account details or billing information.
  • ·Stripe: Stripe processes all payment transactions. Stripe's handling of payment data is governed by Stripe's own privacy policy.
  • ·Legal Compliance: We may disclose information if required by law, court order, or valid governmental request.
  • ·Business Transfer: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction, subject to equivalent privacy protections.
// section 04

Data Retention

Account data is retained for as long as your account is active. Usage logs and billing records are retained for up to 12 months for billing dispute resolution and abuse prevention. Web server access logs are rotated on a shorter cycle. If you close your account, we will delete your personal data within 30 days, except where we are required by law to retain it longer.

// section 05

Cookies & Tracking

The LLMAI website and console use strictly necessary cookies to maintain your authenticated session. We do not use third-party advertising cookies or behavioral tracking scripts. We do not load analytics SDKs that fingerprint your device.

// section 06

Security

We use TLS encryption for all data in transit. Passwords are hashed using industry-standard algorithms. API keys are stored as hashed values and never returned in full after initial creation. While we take reasonable precautions, no system is completely immune to security risks, and we encourage you to use strong, unique passwords and to rotate API keys regularly.

// section 07

Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated personal data.
  • Object to or restrict processing of your data.
  • Data portability (receive a copy of your data in a structured format).

To exercise any of these rights, use our contact form. We will respond within 30 days.

// section 08

Children's Privacy

LLMAI services are intended for individuals 16 years of age or older. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us via our contact form and we will promptly delete it.

// section 09

Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of LLMAI services after a policy change constitutes your acceptance of the revised terms.

// section 10

Contact Us

For privacy-related questions or requests, please use our contact form. We do not publish a direct email address to reduce spam, but we read every message and respond promptly to privacy inquiries.

→ Terms of Service→ Contact Us