Legal

Privacy Policy

Last updated: 2026-04-13

TokenByte (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the TokenByte API gateway service (the “Service”).

1. Information We Collect

We collect the following types of information:

Account Information: Username, email address, and password (stored encrypted) provided during registration.

Usage Data: API call logs, token consumption, request timestamps, models and providers used. This data is used for billing, analytics, and service optimization.

Technical Information: IP addresses, browser type, device information, and access logs for security protection and service stability.

Payment Information: We process payments through third-party payment providers and do not directly store your full payment card details.

2. How We Use Your Information

We use collected information for the following purposes:

  • Providing, maintaining, and improving our Service
  • Processing API requests and ensuring accurate billing
  • Sending service notifications, security alerts, and technical updates
  • Detecting and preventing fraud, abuse, and security threats
  • Complying with legal obligations and enforcing our Terms of Service
  • Generating aggregate statistics to improve service quality

3. Data Transfers

When you send API requests through TokenByte, your request content is forwarded to the corresponding AI provider (e.g., OpenAI, Anthropic, Google). We do not store your API request content or response data — we only record metadata (token counts, model, timestamps) for billing purposes.

Please note that your request data is subject to the respective upstream provider’s privacy policy.

4. Data Security

We implement industry-standard security measures to protect your information:

  • All data transmission is encrypted using TLS
  • Passwords are hashed using bcrypt
  • API keys are stored using secure hashing
  • Regular security audits and vulnerability scanning
  • Role-based access controls

5. Data Retention

We retain your data for as long as necessary to provide the Service. Account information is purged within 30 days of account deletion. Usage logs and billing records are retained for up to 12 months as required by law. You may request export or deletion of your data at any time.

6. Your Rights

You have the following rights regarding your personal information:

  • Access: View the personal information we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your account and associated data
  • Export: Obtain a machine-readable copy of your data
  • Restrict Processing: Limit our processing of your data in certain circumstances

To exercise these rights, contact us at support@tokenbyte.ai.

7. Cookies

We use essential cookies to maintain your login session and preferences. We do not use third-party tracking cookies or advertising cookies.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Significant changes will be communicated via email or in-service notification. Continued use of the Service constitutes acceptance of the updated policy.

9. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Email: support@tokenbyte.ai