Privacy Policy
Last Updated: April 28, 2026
Welcome to aicodewith.com (hereinafter referred to as "the Platform"), operated by FLOWMIND LTD. We value your privacy. This policy explains how we collect, use, store, and protect your personal information.
1. Information We Collect
1.1 Account Information
- Email address and username provided during registration
- Payment-related information (processed by third-party payment processors; we do not directly store your bank card information)
1.2 Usage Data
- API call records (call time, frequency, models used, token consumption, request status)
- Account balance and top-up records
1.3 API Request Content
API request and response content is forwarded in real-time to upstream AI model providers for processing. We do not persistently store the content of your API prompts or model responses on our servers. Transient logs may be retained for up to 24 hours solely for the purpose of error diagnosis and abuse prevention, after which they are automatically deleted.
1.4 Automatically Collected Information
- IP address, browser type, device information
- Access logs and cookies
2. How We Use Information
We use the collected information to:
- Provide and maintain API services
- Process payments and refunds
- Send service-related notifications (such as low balance alerts, system maintenance announcements)
- Analyze your API usage patterns (call frequency, model selection, token consumption) to improve service quality and provide personalized usage recommendations
- Prevent abuse and fraud
Legal basis for processing (GDPR): We process your data based on: (a) performance of our contract with you (providing the API service, processing payments); (b) our legitimate interests (fraud prevention, service improvement); and (c) your consent (marketing communications, which you may withdraw at any time).
3. Data Security
- All API communications are encrypted via HTTPS
- Data is stored on secure cloud servers with industry-standard security measures
- We will not sell your personal information to third parties
4. Third-Party Services
We use the following third-party services to operate the Platform:
| Service | Provider | Purpose |
|---|---|---|
| Payment processing | Stripe | Credit card payments and refunds |
| Authentication | Supabase | User login and session management |
| Hosting | Vercel | Website hosting and CDN |
| Database | Alibaba Cloud (RDS) | Data storage |
| AI model providers | Anthropic, OpenAI, Google | Processing API requests |
| CMS | Sanity | Blog content management |
| Analytics | Vercel Analytics | Anonymous usage analytics |
Each third-party provider processes data in accordance with their own privacy policies. We recommend reviewing their policies for details on their data handling practices.
Regarding API request content: API request content you send through the Platform will be forwarded to upstream AI model providers for processing. We recommend that you do not include sensitive personal information in API requests.
5. Data Retention
- Account information: retained during the account's existence, deleted within 30 days after account cancellation
- API call metadata (timestamps, token counts, model used): retained for 90 days
- API request/response content: not persistently stored (transient logs up to 24 hours)
- Payment records: retained as required by applicable law (typically 7 years)
6. Your Rights
You have the right to:
- View personal information we hold about you
- Request correction of inaccurate information
- Request deletion of your account and related data
- Export your usage data
To exercise the above rights, please contact: [email protected]
7. Your Rights Under GDPR
If you are located in the European Economic Area (EEA), you have the following additional rights under the General Data Protection Regulation (GDPR):
- Right of Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete personal data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format
- Right to Object: Object to the processing of your personal data for certain purposes
- Right to Restrict Processing: Request that we limit the processing of your personal data
- Right to Lodge a Complaint: File a complaint with your local data protection supervisory authority
Data Controller: FLOWMIND LTD, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.
8. Your Rights Under CCPA
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request information about the categories and specific pieces of personal information we have collected about you
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: We do not sell your personal information. If this changes, we will provide a "Do Not Sell My Personal Information" link
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights
To submit a CCPA request, please contact us at [email protected].
9. Data Storage and International Transfer
Your data is stored on cloud servers located in the United States and Asia. If you access our services from outside these regions, your data may be transferred to and processed in these locations. We implement appropriate safeguards to protect your data during international transfers, including encryption in transit and at rest.
10. Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly. If you believe we have collected information from a child under 16, please contact us at [email protected].
11. Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and relevant supervisory authorities within 72 hours of becoming aware of the breach. Notification will include the nature of the breach, the data affected, and the measures taken to address it.
12. Cookie Policy
The Platform uses the following types of cookies:
| Type | Purpose | Examples |
|---|---|---|
| Strictly necessary | Authentication, session management | Supabase auth token, session ID |
| Functional | Language preference, theme setting | Locale cookie, dark mode preference |
| Analytics | Anonymous usage statistics | Vercel Analytics |
We do not use advertising or tracking cookies. You can manage cookies through your browser settings. Disabling strictly necessary cookies may prevent you from using the Platform.
13. Policy Changes
We may update this privacy policy from time to time. Significant changes will be notified to you through platform announcements or email, and you will be asked to reconfirm your consent upon your next login. If you do not agree with the updated policy, you may stop using the Platform and request account cancellation.
14. Contact Us
For any privacy-related questions, please contact:
- Email: [email protected]
- Platform: aicodewith.com