Security

Security and data handling

A factual summary of stored data, retention practices, and security contact information

Data we store

We store only what is needed to operate the API and accounts

Data	Why	Stored	Retention
Account email	Authentication and account access	Yes	Until account deletion
API usage metadata (model, tokens, latency, cost)	Billing, usage analytics, reliability	Yes	No automatic TTL
Prompt/response content	Processed to generate responses	No	Not stored
Password reset IP address	Security for password reset requests	Yespassword reset only	No automatic TTL
App attribution (normalized URL/name)	Attribute usage to an app/source	Yes	No automatic TTL

Account email

API usage metadata (model, tokens, latency, cost)

Prompt/response content

Password reset IP address

App attribution (normalized URL/name)

How long we keep data and what appears in infrastructure logs

Infrastructure request logs may include IP address and user agent; auth headers and cookies are redacted
Log retention depends on the deployment’s log storage configuration

For security reports or questions, email us

Privacy and legal terms for GonkaGate