Privacy Policy for Nova AI Relay

Last Updated: [Date, e.g., May 29, 2026]

Welcome to Nova AI Relay ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website [Your Website URL] or use our AI API relay and proxy services (the "Service").

Please read this Privacy Policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

1. Information We Collect

We may collect information about you in a variety of ways when you interact with our Service.

A. Personal Data

When you register for an account, we may collect personally identifiable information, such as:

• Contact Information: Name, email address, and username.
• Billing Information: Payment details (processed securely via our third-party payment processors; we do not store full credit card numbers).

B. Usage Data and API Logs

To ensure the stability and security of our Service, we automatically collect certain information when you make API requests, including:

• IP addresses
• Timestamps of API calls
• Bandwidth consumed and token usage
• Browser type and operating system
• Error logs for debugging purposes

C. Content Data (Prompts and Responses)

[Choose the option that matches your actual system design and delete the other]

Option 1 (No-logging/Privacy-focused): We act strictly as a relay. We do not permanently store, log, or train on the contents of your API requests (prompts) or the AI-generated responses. Content data is only processed in-memory for the duration necessary to transmit the request to the upstream AI provider and return the response to you.

Option 2 (Caching/Logging enabled): We may temporarily store your API requests (prompts) and responses for [Insert Number] days for the purpose of debugging, abuse prevention, and request caching to improve performance. We do not use your prompts or responses to train any AI models.

2. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain our Service.
• Process your transactions and manage your account.
• Monitor API usage for billing (token tracking) and rate-limiting purposes.
• Detect, prevent, and address technical issues, fraud, or abuse.
• Send you administrative emails, such as updates to our terms, security alerts, and support messages.

3. Data Sharing and Upstream Providers

Because our Service acts as a proxy/middleware, your API requests (prompts) are securely transmitted to third-party AI providers (e.g., OpenAI, Anthropic, Google) to generate the requested responses.

• Upstream AI Providers: The content of your requests is subject to the respective privacy policies of these upstream providers. We recommend reviewing their policies to understand how they handle your data.
• Service Providers: We may share your data with third-party vendors who perform services on our behalf (e.g., Stripe for payment processing, AWS/Cloudflare for hosting and security).
• Legal Obligations: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency).

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

4. Data Security

We use administrative, technical, and physical security measures to help protect your personal information. All API traffic between you, our servers, and upstream providers is encrypted using industry-standard Transport Layer Security (TLS/HTTPS). However, no server, network, or data transmission over the internet can be guaranteed to be 100% secure.

5. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Upon account deletion, your personal data will be erased within [Insert Number, e.g., 30] days, except for data required to be kept for legal or tax purposes.

6. Your Data Privacy Rights

Depending on your location (such as under the GDPR or CCPA), you may have the following rights regarding your personal data:

• Right to Access: You can request copies of your personal data.
• Right to Rectification: You can request that we correct any information you believe is inaccurate.
• Right to Erasure: You can request that we erase your personal data, under certain conditions.
• Right to Restrict Processing: You can request that we restrict the processing of your personal data.

To exercise any of these rights, please contact us using the information provided below.

7. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.