Privacy Policy

Last updated: June 1, 2026

1. Information We Collect

We collect the following information when you use our Service:

• Account Information: Email address, name, and password hash when you register.
• API Usage Data: Request timestamps, model used, token counts, and request IDs for billing and operational purposes.
• API Key Metadata: Key prefixes and creation dates. Full API keys are hashed and never stored in plain text.
• Communication Data: Information you provide when contacting us through the contact form or email.

2. What We Do NOT Collect

• We do not log or store the content of your API requests or responses beyond what is necessary for billing (token counts).
• We do not sell your personal data to third parties.
• We do not use your data to train AI models.

3. How We Use Your Information

• To provide, maintain, and improve the Service
• To process payments and generate billing records
• To communicate with you about service updates, support requests, and account matters
• To detect and prevent abuse, fraud, or unauthorized use
• To comply with legal obligations

4. Data Storage and Security

Your data is stored in MySQL databases on our cloud servers. We implement industry-standard security measures including encryption in transit (TLS) and encryption at rest for sensitive data. API keys and passwords are hashed before storage.

5. Data Retention

We retain account information for as long as your account is active. Billing logs are retained for 3 years for tax and compliance purposes. You may request deletion of your account and associated data at any time by contacting us.

6. Third-Party Services

6.1 We use Stripe and Paddle for payment processing. Depending on your selected payment method, Stripe or Paddle receives your payment information and is subject to their respective privacy policies. Paddle acts as the Merchant of Record for transactions processed through Paddle.

6.2 API requests are forwarded to third-party AI providers (DeepSeek, Zhipu, Alibaba Cloud, MiniMax, Moonshot AI, StepFun). These providers receive model inputs and generate outputs; they do not receive your personal information.

7. Cookies

We use essential cookies for authentication (JWT tokens stored in cookies). We do not use tracking cookies or third-party analytics cookies.

8. GDPR Compliance (EU Users)

If you are located in the European Economic Area, you have the following rights:

• Right to access: Request a copy of your personal data.
• Right to rectification: Request correction of inaccurate data.
• Right to erasure: Request deletion of your data (subject to legal retention requirements).
• Right to data portability: Request a copy of your data in a structured format.

To exercise these rights, contact us at findtoken@outlook.com.

9. Children's Privacy

The Service is not intended for individuals under 13 years of age. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the Service.

11. Contact

For privacy-related inquiries, contact us at findtoken@outlook.com.