Privacy Policy

This Privacy Policy explains how Bandlayer AI collects, uses, and protects your data when you use our AI gateway service. We are committed to GDPR compliance and transparency about data handling.

Data We Collect

  • Account Information: Email, username, and authentication data
  • Usage Data: API requests, token counts, and model preferences
  • Prompts & Responses: Content sent to and received from AI models
  • Payment Information: Processed securely via Stripe

AI Model Training (Free Tier)

Important: Data Usage on Free Tier

When using Bandlayer AI on the free tier, your prompts and conversations are processed through third-party AI provider APIs (including OpenAI, Anthropic, Google, and others). These providers may use your data to train and improve their AI models according to their respective privacy policies.

This means:

  • • Your prompts may be reviewed by provider staff
  • • Your data may be used to improve AI model performance
  • • Anonymized data may be used for research purposes

Opt-Out by Upgrading

Paid tier users have their requests processed with "no training" flags enabled where supported by providers, preventing your data from being used for model training.

Data Protection

  • All data is encrypted in transit (TLS 1.3) and at rest
  • API keys and credentials are encrypted using Fernet encryption
  • We do not sell your personal data to third parties
  • Regular security audits and vulnerability assessments

Your Rights (GDPR)

Under GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your data
  • Portability: Receive your data in a machine-readable format
  • Object: Object to processing for certain purposes

To exercise these rights, contact us at: privacy@bandlayer.com

Last updated: December 2024