Privacy as Architecture
At SAPI, we made a deliberate architectural decision: we never store, log, or retain the content of your prompts or model responses. This is not configurable — it is enforced at the infrastructure level.
We retain only the metadata required for billing and operational monitoring: token counts, model name, latency, status codes, and request IDs.
Encryption Standards
Provider API keys are encrypted at rest using AES-256-GCM. User API keys are stored as HMAC-SHA256 hashes — we never store raw keys after initial creation.
All traffic is encrypted in transit with TLS 1.3. Our immutable audit ledger records administrative actions without capturing inference content.
Your Data, Your Control
You can request deletion of your account and associated metadata at any time by contacting support@softix.in. We do not sell user data to third parties.
Read our full Security page and Privacy Policy for complete details on our data handling practices.