← Home

Privacy Policy

Last updated: 2026-05-23

Who we are

aiqa-inference (the “Service”) is operated by SPACEGOGO PTE. LTD., a company incorporated in Singapore. For questions about this policy, contact us via /contact.

What we collect

  • Account data: email address, hashed password, display name.
  • Payment metadata: transaction ID, amount, currency, payment provider, timestamp. We never store credit card numbers — these are handled by Stripe and PayPal directly.
  • Usage logs: API request timestamps, model identifier, prompt + completion token counts, response latency, originating IP address. Retained for up to 90 days for billing and abuse-detection purposes.
  • Optional content: prompt and response bodies are NOT retained by default. They may be temporarily logged when investigating a specific abuse report or compliance incident, then deleted within 30 days.

How we use data

  • Provide the Service (authentication, metering, billing).
  • Prevent fraud, abuse, and misuse.
  • Respond to support requests.
  • Comply with legal obligations (e.g., responding to lawful requests from authorities).
We do not use your prompts or responses to train any AI model. We do not sell your data to third parties.

Third parties

  • Stripe (USA) — credit card payment processing. Subject to Stripe Privacy Policy.
  • PayPal (USA / Singapore) — alternative payment processing. Subject to PayPal Privacy Policy.
  • Upstream LLM providers (e.g., DeepSeek, OpenRouter) — your prompt content is forwarded in real time to fulfill API requests. Each provider has its own privacy and data retention policy; we choose providers whose policies are compatible with our no-training commitment.
  • Google Cloud Platform — hosting infrastructure (servers, database, logging).

International transfers

Your data may be transferred to and processed in countries other than your country of residence (including the United States, Singapore, and Mainland China where our hosted database and upstream providers operate). We rely on standard contractual clauses where applicable.

Your rights (GDPR / CCPA)

If you are located in the European Economic Area, United Kingdom, or California, you have the right to access, correct, delete, or export your personal data, and to object to certain processing. To exercise these rights, email us via /contact. We will respond within 30 days.

Data retention

  • Account profile: until you request deletion, or 2 years of inactivity.
  • Payment records: 7 years (tax / accounting compliance).
  • Usage logs: 90 days.
  • Prompt / response bodies: not retained (see “What we collect” above).

Security

We use HTTPS, encrypted-at-rest databases (Cloud SQL), and short-lived API keys. Payment credentials never touch our servers. If you believe your account has been compromised, contact us immediately at /contact.

Cookies

We use session cookies for login state and a CSRF / user-id cookie for API request authentication. We do not use third-party tracking or advertising cookies.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced via email and posted on this page with a new “Last updated” date.