1. Introduction
This Privacy Policy explains how Thomas Oeser trading as Furious Gryphon Studio ("we," "us," or "our") collects, uses, and protects your information when you use BYOAPI Chat ("the Service"). We are committed to protecting your privacy and handling your data responsibly.
Our commitment: We believe in transparency, minimal data collection, and giving you control over your information. 2. Information We Collect
2.1 Information You Provide
- Account Information: Email address, username, and account preferences
- Payment Information: Processed by third-party payment processors (we do not store payment details)
- API Keys: Encrypted using your master key before storage
- Chat Content: Messages and conversations you create using the Service
- AI Personas: Custom AI personalities you create
2.2 Information Automatically Collected
- Usage Analytics: How you interact with the Service (pages visited, features used)
- Technical Information: IP address, browser type, device information
- Performance Data: Error logs and performance metrics to improve the Service
- Cookies: Essential cookies for authentication and preferences
2.3 Information from Third Parties
- AI Provider Responses: Content generated by third-party AI services in response to your prompts
- Authentication Data: If you sign in through third-party providers
3. How We Use Your Information
3.1 To Provide the Service
- Process your chat requests with AI providers
- Manage your account and authenticate your access
- Store and retrieve your conversations and preferences
- Facilitate switching between AI models
3.2 To Improve the Service
- Analyze usage patterns to enhance user experience
- Monitor service performance and reliability
- Develop new features and capabilities
- Ensure security and prevent abuse
3.3 To Communicate with You
- Send important service updates and announcements
- Respond to your support requests
- Provide technical assistance when needed
4. API Key Security
Maximum Security: Your API keys are protected with military-grade encryption 4.1 Encryption
- Your API keys are encrypted using AES encryption with your master key
- We cannot decrypt your API keys without your master key
- Your master key is never stored on our servers
4.2 Access
- We temporarily decrypt your API keys in memory only when making API calls
- Decrypted keys are immediately discarded after use
- No permanent storage of decrypted API keys occurs
4.3 Your Responsibility
Important: Lost master keys cannot be recovered - you will need to re-enter your API keys - You are solely responsible for your master key security
- We recommend using a strong, unique master key
5. Data Storage and Security
5.1 Where Your Data is Stored
- Data is stored using Supabase infrastructure
- Data centers are located in regions compliant with privacy laws
- All data transmission is encrypted using SSL/TLS
5.2 Security Measures
- Industry-standard encryption for data at rest and in transit
- Regular security audits and updates
- Access controls and authentication systems
- Monitoring for unauthorized access attempts
5.3 Data Retention
- Account data: Retained while your account is active
- Chat history: Retained until you delete it or close your account
- Analytics data: Aggregated and anonymized after 12 months
- Payment records: Retained as required by law (typically 7 years)
6. Sharing Your Information
We Do Not Sell Your Data: We never sell, rent, or trade your personal information to third parties for marketing purposes. 6.1 When We May Share Information
- AI Providers: Your prompts are sent to AI providers to generate responses
- Service Providers: Trusted partners who help us operate the Service (hosting, analytics, payment processing)
- Legal Requirements: When required by law, court order, or to protect rights and safety
- Business Transfers: In the event of a merger, acquisition, or sale of assets
6.2 Third-Party AI Providers
Australian Privacy Complaints: If you're not satisfied with our response, you can contact the Office of the Australian Information Commissioner at www.oaic.gov.au.