Privacy Policy
Last updated: July 4, 2026
1. Our Principle
We do not store your queries. We do not store your responses. We do not sell your data. All processing is real-time and ephemeral.
This is not just a policy — it is built into our architecture. Queries are processed in memory and discarded. No persistent storage of conversation content.
2. What We Collect
To provide the Service, we collect:
- Email address — when you subscribe to a paid plan (for billing and account management)
- Payment information — processed by Razorpay (we never see or store your card details)
- Usage counts — number of queries per day/month (to enforce plan limits). We store the count, NOT the query content.
- API keys — hashed and stored securely for authentication
3. What We Do NOT Collect
- Query content — we do not store what you ask
- Response content — we do not store what the AI answers
- Conversation history — no chat logs are persisted
- IP addresses — not logged for analytics
- Browsing data — no tracking pixels, no cookies (except essential)
4. How We Use Your Data
- Email: to send billing receipts, subscription notifications, and important service updates
- Usage counts: to enforce plan limits and prevent abuse
- Payment data: processed by Razorpay for subscription billing
We do NOT use your data to train AI models. We do NOT use your data for advertising. We do NOT share your data with third parties.
5. Data Processors
We use the following third-party services to operate the Service:
- Razorpay — payment processing (PCI-DSS compliant, we never see card details)
- OpenRouter — AI model hosting (queries are forwarded to their models; their privacy policy applies to query data in transit)
- Vercel — website hosting and API infrastructure
Each processor has their own privacy policy. We have data processing agreements in place and only share the minimum data necessary to provide the Service.
6. Data Security
- API keys are hashed with SHA-256 before storage
- Payment processing is handled by Razorpay (PCI-DSS Level 1 compliant)
- All API communication uses HTTPS/TLS encryption
- Database access is restricted and audited
- No plaintext payment data is ever stored on our servers
7. Your Rights (GDPR / CCPA)
You have the right to:
- Access your data — request a copy of all data we hold about you
- Correct your data — request correction of inaccurate information
- Delete your data — request deletion of your account and associated data
- Export your data — receive your data in JSON format
- Object to processing — request that we stop processing your data
To exercise these rights, email us at ggs@temuclaude.com. We respond within 30 days.
8. Data Retention
- Account data (email, plan): retained while your account is active, deleted within 30 days of account closure
- Usage counts: retained for 90 days, then automatically purged
- Payment records: retained for 7 years (tax compliance, as required by Indian law)
- API keys: deleted immediately upon revocation
9. Cookies
We use only essential cookies:
- Anonymous identifier (localStorage) — to track free tier usage across sessions
- Cookie consent — to remember your consent choice
We do NOT use analytics cookies, advertising cookies, or social media tracking cookies.
10. Children's Privacy
The Service is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it immediately.
11. Data Breach Notification
In the event of a data breach, we will notify affected users within 72 hours of discovery, as required by GDPR Article 34.
12. Changes to This Policy
We may update this Privacy Policy at any time. We will notify subscribers of material changes via email. Continued use of the Service constitutes acceptance of the updated policy.
13. Contact
For privacy questions or data requests, contact: ggs@temuclaude.com