Privacy Policy

Last updated:

This Privacy Policy describes how VoltAI, L.L.C. (“VoltAI”) collects, uses, retains, and shares information when you use our Service. It supplements, but does not replace, our Terms of Service.

1. Who we are

VoltAI, L.L.C. — a Wyoming limited liability company, operating voltai.one, api.voltai.one, and console.voltai.one. We are the data controller for account and billing data. For request/response content, we are a data processor acting on your instructions (see Section 5).

Contact: privacy@voltai.one.

2. What we collect

2.1 Account data

  • Email, display name, hashed password (or OAuth provider ID);
  • Organization name, billing address, tax ID (if you provide one);
  • API keys (we store a salted hash; we show the plaintext once at creation and never again);
  • Session cookies for the console; CSRF tokens; device fingerprint for abuse detection.

2.2 Billing data

  • Top-up amounts, payment method metadata (we do not store full card numbers — Stripe does);
  • Invoice history, per-call usage: timestamp, model, input/output token count, latency, cost, upstream region.

2.3 Request and response content

  • The prompt you submit and the completion the Upstream Provider returns;
  • Streaming chunks reassembled for metering and for the parity benchmark (Section 4 of Terms);
  • HTTP headers you set, excluding your Authorization header (we swap it out at the gateway boundary and never log the upstream key either).

2.4 Technical logs

  • Source IP, user agent, TLS fingerprint (for abuse detection only);
  • Error traces and performance metrics (no request bodies in error traces by default).

3. What we do not collect

  • We do not train models on your content. We do not fine-tune models on request bodies, response bodies, prompts, completions, embeddings, or derived artifacts. This is a contractual commitment, not a marketing claim — it is part of Section 4 of the Terms of Service.
  • We do not sell your personal information. We do not share it with advertisers. We do not build behavioral profiles across the web.
  • We do not deploy third-party trackers on the console. voltai.one (marketing) uses first-party, cookieless analytics (page-view counts only).

4. Why we use what we collect

  • To run the Service: route your request to the upstream, return the response, meter the call.
  • To bill you: compute per-call cost, issue invoices, process refunds, handle disputes.
  • To keep the Service honest: the daily parity benchmark (Section 4.3 of Terms) uses upstream eval prompts, not your request content.
  • To detect abuse: rate-limiting, fraud detection, enforcing Section 3 of Terms.
  • To support you: if you open a ticket, we may temporarily access request logs you refer us to.
  • To comply with law: respond to lawful requests, preserve records for audit.

5. Role and legal basis

For account and billing data, we are a data controller; our legal bases under GDPR are performance of contract (Article 6(1)(b)) and legitimate interest in running the business (Article 6(1)(f)).

For request and response content, we are a data processor acting on your instructions; the controller is you (or your organization). Our commitments as processor are documented in the Data Processing Addendum, which is incorporated by reference for enterprise customers and available to all customers upon request.

6. Retention

The table below is authoritative. If any discrepancy exists between this table and marketing copy, this table controls.

| Data category | Retention | Purpose |
|---|---|---|
| Request and response bodies | 30 days, then permanently deleted | Billing reconciliation, abuse triage |
| Per-call metadata (tokens, latency, model, cost) | Lifetime of account + 7 years | Tax and financial record-keeping (U.S.) |
| Account and billing records | Lifetime of account + 7 years | Tax and regulatory |
| API key hashes | Until key is revoked, then 30 days | Audit trail |
| Technical logs (IP, UA, errors) | 90 days | Abuse detection, incident response |
| Support ticket transcripts | 3 years after closure | Dispute defense |
| Parity benchmark prompts and outputs | Published at /integrity; retained indefinitely | Public auditability |

You may request earlier deletion of request/response bodies from the console (“Purge now”) at any time, provided the data is not under a legal hold.

7. Who we share data with

  • Upstream Providers (Anthropic, OpenAI, Google, xAI, DeepSeek, Alibaba Cloud, Zhipu, Moonshot, Volcengine) — to fulfill your request. Each has its own privacy terms.
  • Stripe, Inc. — payment processing. We send them the minimum billing metadata required to charge your payment method.
  • Infrastructure vendors — our VPS host (Alibaba Cloud Singapore), TLS CA (Let's Encrypt), DNS (Cloudflare), transactional email (Postmark). All bound by written confidentiality and processing agreements.
  • Law enforcement — only in response to a lawful, properly scoped request. We publish a transparency report annually at /transparency.

We do not sell data. We do not share data with advertisers. We do not permit processors to use your data for their own purposes.

8. Your rights

Subject to applicable law (including the EU/UK GDPR, California CPRA, and similar regimes), you have the right to access, correct, delete, port, and restrict processing of your personal data, and to object to certain processing. Self-serve tools in the console cover most of these; for anything else, email privacy@voltai.one and we will respond within 30 days.

If you are in the EU/EEA or UK, you may also complain to your local data protection authority. If you are in California, you may additionally exercise rights under the CCPA/CPRA; we do not sell or share personal information as those terms are defined.

9. Security

We use TLS 1.3 for all transport, encrypt backups at rest, store API keys and passwords as salted hashes (Argon2id for passwords, HMAC-SHA256 for keys), enforce 2FA for all staff accounts, and follow the principle of least privilege. We run an internal security review quarterly and patch known CVEs within the vendor's disclosed window.

We are not yet SOC 2 certified. When we are, the report will be available under NDA to enterprise customers; we will not display a logo in lieu of the report.

10. International transfers, children, and changes

Data may be processed in the United States, Singapore, and wherever the Upstream Provider you choose operates. For EU/EEA/UK personal data, we rely on Standard Contractual Clauses (2021/914/EU) and equivalent UK IDTA. A list of sub-processors and their locations is maintained at /sub-processors.

The Service is not directed to children under 16, and we do not knowingly collect their personal data.

We may update this Policy. Material changes will be announced on the site and, where we have contact details, emailed to account admins at least 30 days before they take effect.