ResourcesLegalPrivacy Policy

Privacy Policy

Last Updated: 08 May 2025

1. Introduction

Welcome to ProxAI (“we”, “our”, or “us”). We are committed to protecting your privacy and handling your data with transparency and care. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, including the ProxAI unified API interface and ProxDash dashboard (collectively, the “Services”).

By using our Services, you consent to the data practices described in this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not use our Services.

2. Information We Collect

2.1. Account Information

  • Name, email address, and other contact information
  • Account credentials (excluding provider API keys)
  • Billing information and payment details
  • User preferences and settings

2.2. Technical Information

  • IP addresses and device information
  • Browser type and operating system
  • Usage patterns and interactions with our Services
  • Cookies and similar technologies

2.3. API Integration Data

  • Provider API keys (only when manually provided by you and stored securely with encryption)
  • API call metadata (timestamps, response times, status codes)
  • Usage metrics and analytics
  • Endpoint configurations and parameters

2.4. Content Data

  • Prompts and inputs submitted to the API
  • Responses and outputs received from AI providers
  • Cached results when enabled
  • Debug logs and error messages

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing and Improving Our Services: To facilitate connections with AI providers, process API requests, and deliver results to you
  • Technical Support: To diagnose problems, provide customer support, and troubleshoot issues
  • Service Optimization: To optimize performance, develop new features, and enhance user experience
  • Analytics and Monitoring: To track usage patterns, generate statistics, and monitor system performance
  • Communication: To send service updates, technical notices, and respond to your inquiries
  • Security: To detect and prevent fraud, unauthorized access, and other potential security issues
  • Billing and Administration: To process payments, manage subscriptions, and administer accounts

3.1. Legal Bases for Processing (GDPR / UK GDPR)

PurposeLegal basisWhy it applies
Provide, secure & improve the ServicesArt 6 (1)(b) ContractProcessing is necessary to perform our agreement with you.
Analytics, fraud-prevention, network logsArt 6 (1)(f) Legitimate InterestsWe balance our interest in a reliable, secure platform against your data-protection rights.
Marketing e-mails & product updatesArt 6 (1)(a) ConsentYou may withdraw consent at any time by clicking unsubscribe.
Compliance with legal obligationsArt 6 (1)(c)E.g. tax, accounting or bona-fide law-enforcement requests.

4. Cookies and Similar Technologies

4.1. What Are Cookies

Cookies are small text files that are placed on your device when you visit our website. They allow us to recognize your device and remember certain information about your visit, such as your preferences and actions.

4.2. Types of Cookies We Use

  • Essential Cookies: Required for the operation of our website and Services. They enable core functionality such as security, network management, and account access.
  • Analytical/Performance Cookies: Allow us to recognize and count the number of visitors and see how visitors move around our website. This helps us improve the way our website works.
  • Functionality Cookies: Used to recognize you when you return to our website. This enables us to personalize our content for you and remember your preferences.
  • Targeting Cookies: Record your visit to our website, the pages you have visited, and the links you have followed. We may use this information to make our website and the advertising displayed on it more relevant to your interests.

4.3. Cookie Management

Most web browsers allow some control of cookies through browser settings. You can:

  • Block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies
  • Delete cookies after you have finished browsing by accessing the settings of your browser

Please note that if you disable or delete certain cookies, some features of our Services may not function properly.

5. Data Sharing and Third-Party Services

5.1. AI Provider Integrations

When using our Services, your API requests and associated data are transmitted to the respective AI providers (such as OpenAI, Claude, Google Gemini, etc.) according to your configuration. Each provider processes your data according to their own privacy policies and terms of service.

5.1.1. Third-Party AI Provider Policies

It is important to understand that when you use our Services to connect with third-party AI providers:

  • Your data is transmitted to these providers and is subject to their respective privacy policies and terms of service
  • We do not control how these providers process, store, or use your data
  • Each provider may have different data retention, processing, and security practices
  • We recommend reviewing the privacy policies of each AI provider you connect with through our Services

We make reasonable efforts to securely transmit your data to these providers, but once the data is received by the third-party AI provider, their policies govern the handling of that data.

5.2. Service Providers

We may engage trusted third-party companies and individuals to facilitate our Services, provide the Services on our behalf, perform Service-related tasks, or assist us in analyzing how our Services are used. These third parties have access to your information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

For a current list of sub-processors we use to deliver the ProxAI platform, please visit our Service Providers page.

5.3. Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

5.4. Business Transfers

If we are involved in a merger, acquisition, or asset sale, your information may be transferred as part of that transaction. We will notify you before your information is transferred and becomes subject to a different privacy policy.

6. Data Security

We implement appropriate technical and organizational measures to protect the security of your personal information. However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure.

6.1. API Key Protection

We employ encryption and secure storage practices for API keys. We do not share your API keys with any third parties except as necessary to fulfill the specific AI provider requests you initiate.

6.2. Data Transmission

All data transmitted between our Services and the AI providers is encrypted using industry-standard protocols.

6.3. Breach Notification

In the event of a data breach that affects your personal information, we will notify you in compliance with applicable laws.

7. User Rights and Controls

7.1. Access and Update

You can access and update your account information through your ProxDash account settings.

7.2. Data Retention and Deletion

We retain your information for as long as your account is active or as needed to provide you with our Services. We will delete or anonymize your information upon request unless we are legally required to retain it.

You have the right to request deletion of your personal data. When you delete your account or request data deletion, we will permanently delete all your personal data from our systems, except where we are legally required to retain certain information. We do not store your data after account deletion.

7.3. Data Portability

You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format. You can request export of your data through your account settings or by contacting our support team.

7.4. Additional EU/UK Data-Subject Rights

If you are located in the European Economic Area or the United Kingdom you also have the right to:

  • Rectification – ask us to correct inaccurate personal data.
  • Restriction – request that we limit processing to storage only.
  • Objection – object to processing based on legitimate interests, including profiling for direct marketing.
  • Portability – receive a machine-readable copy of the data you provided.
  • Automated decision-making – know whether we carry out fully automated decisions (we do not).
  • Complaint – lodge a complaint with your local supervisory authority.

You can exercise any right by contacting privacy@proxai.co.

7.5. Cost Controls and Budget Management

ProxDash provides tools to monitor and control your API usage and associated costs. These tools provide estimates and usage information for your convenience only. The cost and usage data displayed are estimates and may not reflect actual charges from third-party providers. We make no guarantees regarding the accuracy of these estimates and cannot be held legally accountable for any discrepancies between our estimates and actual charges you may incur. You are responsible for monitoring your actual usage and charges with each third-party provider directly.

7.6. Content Data Controls

You have control over what data is cached and for how long. You can configure retention settings through your account.

8. International Data Transfers

We store and process data in the United States. Whenever we transfer personal data from the EEA, Switzerland or the UK to the US we rely on the Standard Contractual Clauses (Commission Decision EU 2021/914) and have implemented supplementary safeguards such as end-to-end encryption and strict access controls.

9. Children’s Privacy

Our Services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us.

10. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have specific rights regarding your personal information under the California Consumer Privacy Act (CCPA):

10.1. Right to Know

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, including:

  • Categories of personal information we collected about you
  • Categories of sources for the personal information
  • Purpose for collecting that information
  • Categories of third parties with whom we share that information
  • Specific pieces of personal information we collected about you

10.2. Right to Delete

You have the right to request that we delete any of your personal information we have collected and retained, subject to certain exceptions.

10.3. Right to Opt-Out of Sales

We do not currently sell personal information to third parties. We may share certain information with our service providers and third-party AI providers as necessary to deliver our Services, but this sharing is not considered a “sale” under the CCPA.

If in the future we decide to sell personal information, we will update this Privacy Policy accordingly and provide appropriate mechanisms for you to exercise your right to opt out of such sales as required by applicable law.

10.4. Right to Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. We will not:

  • Deny you goods or services
  • Charge you different prices or rates for goods or services
  • Provide you with a different level or quality of goods or services
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services

To exercise any of your CCPA rights, please contact us using the information provided in the “Contact Us” section below.

11. Relationship Between Web Services and Python Library

11.1. Separate but Related Services

The ProxAI ecosystem consists of two main components:

  • The web application and dashboard (ProxDash), which is governed by this Privacy Policy
  • The open-source Python library, which is licensed separately

11.2. Data Sharing Between Components

Your usage of the ProxAI Python library may involve some data transmission to our web services for authentication, analytics, or feature functionality. Any data transmitted from the Python library to our web services is governed by this Privacy Policy.

11.3. Python Library Licensing

The ProxAI Python library is open-source software governed by its own license terms, which can be found at https://github.com/proxai/proxai/blob/main/LICENSE. Your use of the Python library is subject to those license terms.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this policy. You are advised to review this Privacy Policy periodically for any changes.

For a transparent record of all significant changes to our legal documentation, please visit our Legal Updates.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Data Protection Officer & EU Representative

  • Data Protection Officer (interim): privacy@proxai.co
  • EU Representative (Art 27 GDPR): [to be appointed – we will update this page once finalised]
v1.0.0 - First Stable ReleaseTerms of Service