Privacy Policy
Effective date: 3 May 2026 · Last updated: 3 May 2026
This policy explains what personal data we collect when you use Inferly, why we collect it, who we share it with, how long we keep it, and the rights you have over it. If anything here is unclear, email us at contact@getinferly.com.
Status of the Service. Inferly is currently an early-stage prototype operated as a side project. It is not a commercial product, no payments are being collected at this time, and the Service may be changed, paused, or discontinued at any time. The data practices described below apply now and will continue to apply as the Service evolves; we will update this policy if anything material changes.
Contents
- Who is responsible for your data
- In one paragraph
- What we collect and why
- Your prompts and outputs
- Legal bases (UK/EU)
- Who we share data with
- International transfers
- How long we keep it
- Security
- Cookies and similar technologies
- Your rights
- Children
- California residents
- Changes to this policy
- Contact
1. Who is responsible for your data
The data controller for your personal data is the individual operating Inferly, based in the United States. The Service is run at getinferly.com as a sole-operator side project, not by a registered company. You can reach us at contact@getinferly.com; the operator's full legal name and postal address are available on request to that email.
2. In one paragraph
Inferly is a paid gateway between you and large language models. To run that service we hold the bare minimum: your email and account info, hashed copies of your API keys, billing information held by Stripe, and per-request metadata (model name, token counts, latency, status code, IP address) used for billing, abuse prevention, and dashboards. We do not store the content of your prompts or model responses — they pass through our servers in transit but are not written to durable storage. We do not sell your data, and we do not use it to train any model.
3. What we collect, and why
3.1 Account data
- Your email address, name (if you provide one), and (if you sign in with a password) a salted hash of that password.
- If you sign in with a third-party identity provider, the basic profile fields and tokens it returns to us.
- Email-verification and password-reset tokens, which are short-lived.
Why: to create and secure your account, send transactional email (verification, password reset, billing notices), and let you sign back in.
3.2 Billing data
- Your Stripe customer ID, subscription ID, plan, status, and billing period.
- Receipts and invoices we send you.
Card numbers and other payment-instrument details are entered directly into Stripe's hosted forms and processed by Stripe. We never see, store, or have access to your full card number, expiry, or CVV.
Why: to charge you the correct amount, comply with tax and accounting obligations, and resolve billing disputes.
3.3 API keys
- A label you give the key, the first few characters (the "prefix") for your reference, a SHA-256 hash of the secret, the time it was last used, and whether it has been revoked.
The full secret of an API key is shown to you exactly once at creation time. We do not store it. If you lose a key, you must generate a new one.
Why: to authenticate API requests, attribute usage, and let you revoke compromised keys.
3.4 Usage events (metadata only)
For each request you make through the gateway we log:
- your user ID and the API key used;
- the model and upstream provider that handled the request;
- the number of prompt and completion tokens;
- the HTTP status and latency;
- a timestamp.
We do not log the messages you sent, the system prompts, the tool definitions, the tool call arguments, or the model's response.
We also store daily aggregates (request counts and token totals per user / day / model) to power dashboards.
Why: to bill you correctly, show you your usage, detect and prevent abuse, troubleshoot incidents, and run our business.
3.5 Session and technical data
- Session tokens, their expiry, and the IP address and user agent of the device that created the session.
- Server logs that may temporarily contain IP address, user-agent, request path, status code, and timing.
- Errors raised in the dashboard or API, captured for debugging.
Why: to keep you signed in securely, defend against intrusion and fraud, and fix bugs.
3.6 Communications you send us
If you email us or contact support, we keep the message and our reply.
Why: to handle your request and keep a record of it.
4. Your prompts and outputs
Because we are a routing layer, your prompts and the model's responses pass through our servers in memory on their way to and from the upstream provider. We do not write them to durable storage, do not use them for analytics, and do not use them to train any model. Standard request logs may briefly contain headers and timing, but they do not include message bodies.
Once a request leaves our infrastructure, it is processed by the upstream model provider — currently OpenRouter and the model owners it routes to. Their handling of your prompts is governed by their privacy policies and the model owner's policies, which we link to where we can. Some providers retain prompts briefly for their own abuse detection. If that matters for your use case, please review the policy of the provider whose model you are calling, and avoid sending highly sensitive data through the Service.
Do not send personal data of others, secrets, payment-card numbers, government identifiers, or regulated data (PHI under HIPAA, etc.) through the Service unless you have your own legal basis to do so and have evaluated the upstream provider's terms.
5. Legal bases for processing (UK/EU)
If UK or EU data-protection law applies, we rely on the following lawful bases:
- Contract — to set up your account, deliver the Service, charge you, and provide support.
- Legitimate interests — to keep the Service secure, prevent abuse and fraud, debug, run our business, and communicate non-marketing updates. Our interests are balanced against your rights and freedoms; you can object on grounds relating to your particular situation.
- Legal obligation — to keep records for tax, accounting, and to respond to lawful requests.
- Consent — where we ask for it, for example for marketing communications. You can withdraw consent at any time.
6. Who we share data with
We share personal data with these categories of recipient ("subprocessors"), each acting on our instructions:
| Recipient | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing, subscription management, tax | Email, name, billing address, payment-instrument details (entered directly into Stripe), Stripe customer ID |
| OpenRouter (and the model providers it routes to) | Executing your model requests | Prompts, tool definitions, parameters, your IP address (as a request originator), and the resulting outputs (in transit) |
| Resend | Sending transactional email (verification, password reset, billing) | Email address and the body of the message we send you |
| Netlify | Hosting the website and dashboard | Server logs (IP, user-agent, request path) |
| Cloud and database hosting | Running our backend, database, and cache | All of the data described in section 3 |
We may add or change subprocessors from time to time. The list above is the current set as of the effective date.
We may also disclose personal data:
- to comply with applicable law, a court order, a subpoena, a regulator's lawful request, or to enforce our Terms;
- to protect our rights, safety, or property, or those of our users or the public;
- in connection with a corporate transaction (merger, acquisition, financing, bankruptcy, or sale of assets), in which case the recipient will be bound to honour this policy until it is updated.
We do not sell or rent personal data, and we do not share it for cross-context behavioural advertising.
7. International transfers
We are based in the United States, and our subprocessors are typically established in the United States, the European Economic Area, or the United Kingdom. When personal data of users in the UK or EEA is transferred to or stored in the United States, we rely on appropriate safeguards permitted under UK GDPR and EU GDPR, including the European Commission's Standard Contractual Clauses (and the UK Addendum) and, where applicable, the EU–US Data Privacy Framework and its UK Extension. You can ask us for information about the safeguard in place for any specific transfer.
8. How long we keep data
| Data | Retention |
|---|---|
| Account data (email, profile, hashed password) | While the account is active, plus up to 30 days after deletion (in case of accidental deletion or a chargeback). |
| Billing records (invoices, Stripe IDs) | Up to 7 years after the last invoice, to comply with tax and accounting law. |
| API key hashes | While the key is active, plus 90 days after revocation for audit. |
| Usage events (per-request metadata) | Up to 13 months from the request, to support billing reconciliation, dispute handling, and abuse investigation. |
| Daily aggregate usage (counts, token totals) | Indefinitely, in aggregate form that does not identify you beyond your user ID. |
| Server and security logs | Up to 90 days, longer if needed for an open security investigation. |
| Support correspondence | Up to 3 years from the last message. |
Encrypted backups may persist for slightly longer than the retention windows above; we delete data from backups in the ordinary course of backup rotation.
9. Security
We take reasonable and appropriate technical and organisational measures to protect personal data, including TLS in transit, encryption at rest where supported by our infrastructure, password hashing, salted-hash storage of API key secrets, role-restricted database access, and logging of administrative actions. No system is perfectly secure; if we become aware of a breach affecting your personal data we will notify you and any required authority within the timeframes the law sets.
You are responsible for keeping your account credentials and API keys secret, for using strong passwords, and for telling us promptly if you suspect they have been compromised.
10. Cookies and similar technologies
We use a small number of cookies and equivalent browser-storage mechanisms strictly to operate the Service:
- Authentication tokens — to keep you signed in to the dashboard.
- Session security — to detect and prevent account hijacking.
- Preferences — for example, dashboard UI choices you make.
We do not currently set advertising cookies, cross-site tracking cookies, or third-party analytics cookies that profile you. If we add analytics in the future, we will update this section and, where required, obtain your consent first.
11. Your rights
Depending on where you live, you may have the right to:
- Access a copy of the personal data we hold about you;
- Correct data that is inaccurate or incomplete;
- Delete data ("right to erasure") — subject to our right to keep what we need for legal, billing, security, or contract reasons;
- Restrict or object to certain processing, in particular processing based on legitimate interests;
- Port data you provided to us to another controller in a structured, machine-readable format;
- Withdraw consent where we processed data based on consent;
- Not be subject to a decision based solely on automated processing that produces legal or similarly significant effects on you (we don't currently do this).
To exercise any of these rights, email us at contact@getinferly.com. We may need to verify your identity before we can respond. We respond within the time limits set by applicable law (typically 30 days under UK/EU GDPR).
If you are in the UK or EU and believe we have mishandled your data, you can complain to the supervisory authority where you live, work, or where the alleged infringement took place. We hope you'll come to us first so we can put it right.
12. Children
The Service is not directed at children. We do not knowingly collect personal data from anyone under 16 (or under 13 in the United States). If you believe a child has given us personal data, contact us and we will delete it.
13. California residents
Under the California Consumer Privacy Act (as amended by the CPRA), California residents have the rights to know, delete, correct, and limit processing of their personal information, and the right not to be discriminated against for exercising those rights. The categories of personal information we collect, the purposes for which we use them, and the categories we share with subprocessors are described above in sections 3 and 6. We do not "sell" personal information and we do not "share" it for cross-context behavioural advertising as those terms are defined in California law. To exercise your rights, contact contact@getinferly.com. You may use an authorised agent; we will require evidence of authorisation.
14. Changes to this policy
We may update this policy from time to time. When we make material changes we will update the "Last updated" date at the top and, for active subscribers, notify you by email or in-app notice. Continuing to use the Service after the new policy takes effect means you accept it.
15. Contact
All privacy and data-protection questions, as well as general support, should be sent to contact@getinferly.com. Please use a clear subject line ("Privacy request", "Data export request", "Account deletion", etc.) so we can route your message correctly. The operator's full legal name and postal address are available on request to that email.