1. What we collect
Email (for login), Stripe customer ID, and per-request metadata (timestamp, token counts, latency, status). We do not store request bodies or response bodies on disk. No name, phone, or address collection beyond what Stripe captures for tax/fraud.
2. Where it lives
Google Cloud Firestore in Singapore (asia-southeast1). Transactional email via Resend. Payments and KYC via Stripe. No third-party analytics track you across the internet; marketing pages use privacy-friendly Plausible (no cookies, IP-hashed).
3. Who we share with
DeepSeek International receives only the content of your API requests, as that's the service you asked us to forward to. Stripe receives payment info. Google Cloud holds encrypted data at rest. Nobody else, ever, unless subpoenaed.
4. How long we keep it
Usage logs auto-expire after 90 days via Firestore TTL. Transaction logs are kept 7 years (tax requirement). Everything else is deleted within 30 days of account deletion.
5. Your rights
You can export or delete your data from the dashboard. GDPR / CCPA requests: email me@alwa.info. We'll respond within 30 days.
6. Contact
me@alwa.info for all privacy questions. For urgent security issues, include "[security]" in the subject.