Privacy Policy

1. Introduction

Welcome to SteerLLM ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI model steering platform and related services (collectively, the "Services").

By accessing or using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Account Information

When you create an account with us, we collect:

• Name and email address
• Username and password (encrypted)
• Profile information you choose to provide
• Authentication data managed by our third-party authentication provider (Clerk)

2.2 Usage Information

We collect information about how you interact with our Services:

• API usage metrics and statistics
• Credit consumption and billing history
• Feature search queries and results
• Model selection preferences
• Dashboard and application usage patterns
• API key creation and management activities

2.3 Technical Information

We automatically collect certain technical information:

• IP addresses and device identifiers
• Browser type and version
• Operating system information
• Log data and error reports
• Cookies and similar tracking technologies

2.4 Payment Information

When you make a purchase, payment processing is handled by Stripe, our third-party payment processor. We do not store your complete credit card information on our servers. We receive and store limited payment information such as:

• Last four digits of your credit card
• Card type and expiration date
• Billing address
• Transaction history

3. Information We Do NOT Collect or Store

3.1 LLM Messages and Content

Important: We do not store, log, or retain any messages, prompts, or responses that pass through our AI model inference API. Our platform acts as a proxy service that routes your requests to the underlying language models. Once a request is processed and the response is returned to you, we do not maintain copies of:

• User prompts or queries sent to the models
• Model responses or generated content
• Conversation history or context
• Any personally identifiable information contained within your prompts

This ensures that your interactions with the AI models remain private and are not used for training, analysis, or any other purpose beyond immediate request processing.

4. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To provide, maintain, and improve our AI model steering platform and API services
• Account Management: To create and manage your account, authenticate users, and provide customer support
• Billing and Payments: To process transactions, manage credits, and maintain billing records
• Usage Analytics: To understand how our Services are used, optimize performance, and develop new features
• Security: To detect, prevent, and address technical issues, fraudulent activity, and security threats
• Communications: To send you service-related announcements, updates, and administrative messages
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

5. How We Share Your Information

We may share your information in the following circumstances:

5.1 Service Providers

We work with third-party service providers who assist us in delivering our Services:

• Clerk: Authentication and user identity management
• Stripe: Payment processing and billing services
• Cloud Infrastructure Providers: Hosting and infrastructure services

These service providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your information.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal processes (court orders, subpoenas, search warrants)
• Government or regulatory requests
• Protection of our rights, property, or safety
• Investigation of potential violations of our Terms of Service

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the business transaction. We will notify you of any such change and the choices you may have regarding your information.

5.4 With Your Consent

We may share your information for any other purpose with your explicit consent.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using industry-standard TLS/SSL protocols
• Encryption of sensitive data at rest
• Regular security assessments and monitoring
• Access controls and authentication mechanisms
• Secure API key management and storage

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to provide you with our Services and to comply with legal obligations. Specifically:

• Account Information: Retained for the duration of your account plus a reasonable period afterward for legal and business purposes
• Usage Data: Typically retained for analytical purposes for up to 12 months
• Transaction Records: Retained for tax and accounting purposes as required by law (typically 7 years)
• LLM Messages: Not retained at all (immediately discarded after request processing)

When information is no longer needed, we securely delete or anonymize it.

8. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Request transfer of your information to another service provider
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing in certain circumstances
• Withdrawal of Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at the email address provided in the Contact Information section. We will respond to your request within a reasonable timeframe and in accordance with applicable law.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform. These include:

• Essential Cookies: Required for basic functionality such as authentication and security
• Performance Cookies: Help us understand how you use our Services to improve performance
• Functional Cookies: Remember your preferences and settings

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Services.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer information internationally, we take appropriate safeguards to ensure that your information receives an adequate level of protection, including:

• Standard contractual clauses approved by relevant authorities
• Ensuring service providers are certified under appropriate frameworks
• Implementing technical and organizational security measures

11. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us. If we learn that we have collected information from a child without parental consent, we will take steps to delete that information.

12. Third-Party Links

Our Services may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.

13. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect, use, and disclose
• Right to request deletion of your personal information
• Right to opt-out of the sale of personal information (Note: We do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us using the information provided in the Contact Information section.

14. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR), including:

• The right to access your personal data
• The right to rectify inaccurate personal data
• The right to erasure ("right to be forgotten")
• The right to restrict processing
• The right to data portability
• The right to object to processing
• Rights related to automated decision-making and profiling

You also have the right to lodge a complaint with your local supervisory authority.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy on this page
• Updating the "Last Updated" date at the top of this policy
• Sending you an email notification (for significant changes)

Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

We will respond to your inquiry within a reasonable timeframe, typically within 30 days.

17. Consent

By using our Services, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Services.