Privacy Policy
How the PromanOS PRO-1 service (OpenAI-compatible AI API, model pro-1) processes and protects your data. Effective date: 29 June 2026. Early access — this policy may be refined with notice.
1. What data we process
- Account: email and a password hash (the password is stored only as a cryptographic hash, never in plain text).
- Billing: balance, top-up and charge history, and total paid (for plan tiers). Payment cards are handled by Stripe — we never store or see card numbers.
- API tokens: your access keys (shown masked in your account).
- Request content: the messages, uploaded files and images you send to get a response; saved chats and session history.
- Usage metadata: volumes (tokens), cost, timing, model version, and technical logs for reliability and abuse protection.
2. Why we process it
- to provide the service itself (generate a response to your request);
- to maintain your account, balance, and accurate billing;
- to keep the service secure, prevent abuse, and debug failures;
- to comply with legal requirements.
We do not sell your data and do not use the content of your requests for advertising.
3. Processing by third parties (subprocessors)
To operate the service, request content is transmitted to third-party AI infrastructure providers solely to generate a response, and payments are processed by Stripe. The infrastructure runs on a cloud provider. We select providers that maintain an adequate level of data protection. The current list of subprocessors and processing terms (DPA) are available to enterprise customers on request.
4. Isolation and access
Each account's data is isolated: your chats, sessions, and files are accessible only under your account — other users cannot read or enumerate them. Access to data inside the service is restricted and granted only for operations and support.
5. Retention
- Account and billing data are retained for as long as your account exists (and thereafter to the extent required by law or for accounting).
- Uploaded files and saved chats are kept until you delete them.
- Temporary session artifacts are kept for a limited time and then deleted.
- Backups are retained for a limited period and then rotated.
6. Security
Traffic is protected with encryption in transit (TLS). Passwords are stored as a hash (PBKDF2). API access uses secret tokens; keep them confidential. We apply reasonable technical and organizational measures, but no service can guarantee absolute security.
7. Your rights
You can: view and update your account data; delete uploaded files, saved chats, and API tokens in your account; and request an export or deletion of your data and information about its processing by contacting us. We will respond within a reasonable time, subject to legal requirements and payment-accounting obligations.
8. Children
The service is not intended for individuals under 16 years of age (or the age of consent under your applicable law). We do not knowingly collect data from such individuals.
9. Changes to this policy
We may update this Policy. We will give reasonable notice of material changes; the effective date is shown at the top of this page.
10. Contact
For data-processing questions and to exercise your rights: [email protected]. See also the Terms of Service.
© 2026 PromanOS · api.promanos.com