Last updated: June 7, 2026 · Effective date: June 7, 2026This Privacy Policy explains how OpenPAI (openp.ai, “we”, “us”, “the platform”) collects, uses, stores, shares and protects your information when you use the platform’s services. Please read it carefully before using the service. Continued use indicates your agreement to the processing described here.
1. Scope
This policy applies to all your access to and use of the platform through the OpenPAI website, console, API endpoints and related tools (collectively, the “Service”). It does not apply to products or services operated independently by third parties, including upstream model providers, payment channels and sign-in providers, who bear their own privacy responsibilities for their data processing.2. Information we collect
Account & identity information
Account & identity information
- The email address you provide at registration;
- When signing in via a third party such as GitHub, Discord, Telegram, LinuxDO or OIDC, the account identifier, username and avatar returned by that provider with your authorization;
- Profile details you voluntarily enter in settings (such as nickname, invoice title, tax number, contact info).
Top-up & transaction information
Top-up & transaction information
- Order number, top-up amount, currency, payment time and transaction status;
- The information required to issue an invoice.
API request data
API request data
- Request content (prompt / input): to perform model inference, your request is forwarded in real time to the relevant upstream model provider. By default, the platform does not persistently store your prompt body or model output;
- Usage & metering data: for billing and quota management, we record metadata for each request such as the model name, token count, call time, the token (API key) identifier, request ID and response status code.
Technical & log information
Technical & log information
- The IP address, browser and device type (User-Agent), request timestamp and request ID generated automatically when you access the Service;
- Operational and error logs used for troubleshooting and security protection.
3. How we use information
We use the information we collect only for the following purposes:- Providing and maintaining the Service: authentication, forwarding API requests, returning model results;
- Billing & quota: tallying token usage, deducting credit, generating bills and invoices;
- Account security: detecting abnormal logins and preventing abuse, fraud and unauthorized access;
- Service improvement: analyzing service performance and stability based on aggregated, de-identified statistics;
- Customer support: handling tickets, refund requests and troubleshooting;
- Compliance obligations: retaining necessary records to the extent required by laws and regulations.
We do not use your prompt content to train our own models, nor do we sell your personal information to unrelated third parties.
4. Upstream model providers & third-party services
OpenPAI is an aggregation gateway. When you call a model, the request is forwarded to the corresponding upstream model provider (such as OpenAI, Anthropic, Google), which performs the actual inference. This means:- Your request content reaches the relevant upstream provider during transmission and is subject to that provider’s own privacy policy and data-processing terms;
- Different upstreams have different policies on data retention and abuse monitoring; we recommend you review the relevant terms of the target model provider before sending sensitive information;
- Do not submit, in your requests, sensitive personal information, confidential data or regulated data that you are not authorized to process or that you do not wish to be processed by third parties.
| Category | Purpose |
|---|---|
| Third-party sign-in (OAuth/OIDC) | Account registration and login |
| Payment institutions | Top-ups and transaction processing |
| Cloud services & CDN | Service hosting and content delivery |
| Email services | Verification codes, notifications and billing emails |
5. Sharing and disclosure of information
Except in the following circumstances, we do not share your personal information with third parties:- Necessary to provide the Service: such as upstream model providers, payment and sign-in providers;
- With your consent: after obtaining your explicit authorization;
- Legal requirements: to comply with applicable laws, regulations, legal proceedings or mandatory government requests;
- Protecting rights: to protect the lawful rights, property or safety of the platform, users or the public, and to prevent fraud and security risks;
- Business changes: in a merger, acquisition or asset transfer, the relevant information may be transferred as part of the assets; we will notify you in a prominent manner.
6. Data storage & security
- We use transport-layer encryption (TLS/HTTPS) to protect data in transit;
- Account credentials are stored using industry-standard salted hashing and similar methods; platform staff cannot access your plaintext password;
- We implement access control, least privilege and auditing to reduce the risk of unauthorized access.
7. Data retention
- Account information: retained while your account exists; after account deletion, we delete or anonymize it within a reasonable period, except where retention is required by law;
- Transaction and billing records: retained for the statutory period to meet financial, tax and compliance requirements;
- Operational and metering logs: retained only as long as needed for billing, troubleshooting and security, then periodically cleared or de-identified.
8. Your rights
To the extent permitted by applicable law, you may:- Access and correct: view and modify your account information in the console;
- Delete your account: apply via Profile settings → Account security → Delete account; remaining credit after deletion is handled per the refund rules in the Terms of Service;
- Withdraw consent: stop using the Service or unbind third-party sign-ins;
- Export and inquire: request information about how your personal data is processed.
9. Cookies and local storage
We use the following types of cookies and local storage:- Essential: maintain login sessions and basic functionality; without them the Service cannot work properly;
- Preferences: remember personalized settings such as language and theme;
- Security: help detect abnormal logins and prevent risks such as CSRF.
10. International data transfers
Because upstream model providers and cloud infrastructure may be located in different countries or regions, your data may be transferred outside your region during processing. We will take reasonable measures to ensure such transfers comply with applicable data-protection requirements.11. Children’s privacy
This Service is intended for developers and enterprise users and is not directed at minors under 18. We do not knowingly collect minors’ personal information. If you discover that a minor has provided us information without guardian consent, please contact us so we can delete it.12. Policy updates
We may update this Privacy Policy from time to time. Material changes will be indicated via site announcements, console notifications or email. The updated policy takes effect upon publication, and the “Last updated” date at the top will be adjusted accordingly. Please review this page periodically.13. Contact us
If you have any questions, comments or complaints about this Privacy Policy, contact us via:- The console ticket system (recommended; speeds up identity verification and handling);
- Email: [email protected]
Terms of Service
Learn the rights, obligations and billing rules for using OpenPAI.