1. Who we are
Privedge ("Privedge", "we", "us") provides an AI inference proxy that detects and anonymizes personally identifiable information (PII) in prompts before they reach third-party AI providers. Our service is available at privedge.io.
Contact: [email protected]
2. What data we collect
2.1 Account data
If you create a cloud account, we collect your email address and payment information (processed by Stripe — we never store card numbers). We use this to manage your subscription.
2.2 Request metadata (cloud mode)
For each proxied request, we log metadata only:
timestamp— when the request occurredrouted_to— "edge" or "cloud"pii_types— categories of PII detected (e.g., "email", "ssn") — not the actual valueslatency_ms— processing timecompliance— applicable standard (e.g., "hipaa")
We never store prompt content. The prompt is processed in memory, anonymized, forwarded to the AI provider, and the response is de-anonymized — all without any write to storage.
2.3 Self-host mode
If you self-host using our MIT-licensed code in your own Cloudflare account, we collect no data whatsoever. All processing occurs in your infrastructure.
3. How we use your data
- Provide and improve the Privedge service
- Process payments (via Stripe)
- Send transactional emails (subscription events, security notices)
- Generate aggregate, anonymized usage statistics
We do not sell your data. We do not use your data to train AI models. We do not share your data with third parties except as described in Section 4.
4. Sub-processors and third parties
| Provider | Purpose | Data shared |
|---|---|---|
| Cloudflare Workers | Edge compute runtime | Request metadata (no prompt content) |
| Cloudflare R2 | Audit log storage (Enterprise) | Request metadata only |
| Stripe | Payment processing | Email, billing info |
| AI providers (OpenAI, Anthropic, etc.) | LLM inference | Anonymized prompts only (PII replaced with tokens) |
5. Data retention
- Prompt content: 0 days — never written to storage
- Request metadata (Free/Pro): 30 days
- Request metadata (Enterprise): Custom, per contract
- Account data: Duration of active subscription + 30 days
6. Your rights
Under GDPR (EU/EEA users)
You have the right to access, rectify, erase, restrict, or port your personal data. You may object to processing and withdraw consent at any time. To exercise these rights, contact [email protected]. We respond within 30 days.
Under CCPA/CPRA (California residents)
You have the right to know what personal information we collect, to delete it, and to opt out of its sale. We do not sell or share personal information. To submit a request, email [email protected] with subject "CCPA Request".
Under LGPD (Brazil)
You have the right to access, correct, delete, or port your personal data. You may revoke consent or request information about third parties with whom we share data. Contact [email protected].
7. Security
All data in transit is encrypted with TLS 1.3. Each request runs in an isolated V8 sandbox (Cloudflare Workers) with no shared state between requests. Audit logs are stored in Cloudflare R2, which is encrypted at rest with AES-256. Privedge infrastructure inherits Cloudflare's SOC 2 Type II and ISO 27001 certifications.
8. Cookies
Privedge's marketing site uses no tracking cookies. We do not use Google Analytics or any behavioral tracking scripts. The site loads Font Awesome from a CDN for icons only — no tracking.
9. International data transfers
Cloudflare operates a global edge network. If you are in the EU, requests are processed on EU edge nodes by default. Enterprise customers can configure data residency to restrict processing to EU-only or US-only nodes. We rely on Cloudflare's Standard Contractual Clauses (SCCs) for any cross-border transfers.
10. Changes to this policy
We may update this policy periodically. Material changes will be communicated via email to account holders. Continued use of the service after changes constitutes acceptance.
11. Contact
For privacy inquiries, data subject requests, or DPA requests:
[email protected]
For the full Data Processing Addendum: Download DPA →