Privacy policy
Last updated: June 4, 2026
What we collect
Account email and user ID via Supabase Auth. Usage metadata: model, token counts, cache hits, and savings estimates — not full prompt text in analytics logs by default. API keys are stored hashed; provider keys are encrypted at rest when using the vault.
How we use data
To operate the proxy, show your dashboard analytics, enforce rate limits, and improve cache quality. We do not sell personal data.
Retention
Cache entries expire per TTL configuration. Usage logs are retained for analytics and billing reconciliation. You may request deletion of your account data by contacting support.
Subprocessors
Infrastructure may include Supabase (auth/database), Upstash (Redis), Pinecone (vector cache), Railway/Render (API hosting), and Vercel (web apps). Provider APIs (OpenAI, Anthropic) receive only what you send through the proxy.
Your rights
Depending on your region you may request access, correction, or deletion of personal data. Contact hello@prune.so for privacy requests.
Questions? Contact hello@prune.so