Privacy Policy

Last Updated: January 10, 2026

This Privacy Policy describes how Hangzhou Wuzheng Information Technology Co., LTD ("we", "us", or "our") collects, uses, and protects your information when you use our LLM API services (the "Services").

By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this policy, please do not use our Services.

1. Information We Collect

Account Information: When you create an account, we collect your email address, name, and other information you provide during registration. This information is used to create and manage your account, authenticate your access, and communicate with you about our Services.

API Usage Data: We collect data about your use of our Services, including:

  • API request timestamps and volume
  • Models and endpoints accessed
  • Token usage and response times
  • Error messages and status codes
  • IP address and approximate location

Payment Information: Payment processing is handled by our third-party payment processors (e.g., Paddle). We do not store your complete credit card information on our servers.

API Request Content: Your API requests (prompts) and responses may be temporarily logged for service improvement, abuse prevention, and to comply with legal obligations.

2. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide, maintain, and improve our Services
  • Billing: To process payments and manage subscriptions
  • Security: To detect, prevent, and address fraud, abuse, and security issues
  • Analytics: To analyze usage patterns and improve service performance
  • Communication: To send you service updates, security alerts, and support communications
  • Compliance: To comply with legal obligations and enforce our Terms of Service

3. Data Sharing and Disclosure

We do not sell your data. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist us in operating our Services (e.g., payment processors, cloud infrastructure providers, analytics services)
  • Legal Requirements: When required by law, court order, or government authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: With your explicit consent for specific purposes

4. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Secure API key authentication
  • Regular security audits and penetration testing
  • Access controls and authentication for our systems

Despite our best efforts, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

5. Data Retention

API Usage Logs: We retain API request logs for a limited period (typically 30 days) to maintain service quality, troubleshoot issues, and prevent abuse.

Account Data: We retain your account information for as long as your account is active. Upon account deletion, your personal data is deleted or anonymized within a reasonable period, except where required by law to retain certain records.

Payment Records: Payment records are retained as required by applicable tax and financial regulations.

6. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Objection: Object to certain processing activities
  • Portability: Request transfer of your data to another service
  • Restriction: Request restriction of processing activities

To exercise these rights, please contact us through your account dashboard or reply to your confirmation email. We will respond to your request within the timeframe required by applicable law.

7. API Key Security

Your API key is the primary method for authenticating your requests. You are responsible for:

  • Keeping your API keys confidential and secure
  • Rotating your API keys regularly
  • Immediately revoking compromised keys
  • Not embedding API keys in client-side code or public repositories

You are liable for all usage and charges incurred through your API keys, whether authorized or not.

8. Children's Privacy

Our Services are not intended for children under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete such information.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and implement appropriate safeguards to protect your data.

10. Cookies and Tracking

Our website may use cookies and similar technologies to:

  • Remember your preferences and keep you logged in
  • Analyze website traffic and usage patterns
  • Improve website functionality and user experience

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our website.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of the Services after such changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at support@unlockinsight.xyz.