Privacy Policy

Effective Date: January 25, 2026

PromptCacheAI ("we," "our," or "us") provides an API-based prompt and response caching service designed to help developers reduce duplicate large language model (LLM) calls and improve application performance. This Privacy Policy explains how we collect, use, and protect information when you use PromptCacheAI.

Data Controller

For cached prompt content submitted by customers, PromptCacheAI generally acts as a data processor, while the customer remains the controller of any end-user data included in prompts. If you have questions, you may contact us at support@prompt-cache.ai.

Information We Collect

• Account Information: Email address and basic profile details you provide when creating an account.
• Billing Information: Subscription and payment status are handled through Stripe. We do not store your full payment card details.
• Cached Prompt Data: Prompts and responses submitted to the Service are stored encrypted at rest. We additionally use deterministic hashes (such as prompt_hash) to identify cached entries without storing plaintext prompts in searchable form.
• Usage Metadata: Request counts, cache hit rates, namespaces, timestamps, and model/provider identifiers used for analytics, plan enforcement, and service reliability.

How We Use Data

• Provide caching, retrieval, and similarity-matching features.
• Enforce subscription plan limits and rate limits.
• Maintain service reliability, analytics, and abuse prevention.
• Respond to support inquiries and account-related requests.
• We may retain limited server logs for security and abuse prevention.
• We do not sell or rent your personal information.
• We do not use customer prompts or responses to train machine learning models.

Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process personal data under the following lawful bases:

• • Contract necessity: To provide the Service you request.
• • Legitimate interests: To secure, improve, and operate our platform responsibly.
• • Legal obligations: To comply with applicable laws and billing requirements.

Data Security

PromptCacheAI stores cached prompts and responses encrypted at rest, but are decrypted temporarily when returned through the API in order to provide service functionality. API keys are hashed, and namespaces are isolated per user to support multi-tenant safety. While we take strong measures to protect data, no system can be guaranteed 100% secure.

User Responsibilities and Sensitive Data

You should avoid submitting sensitive personal data (such as medical, financial, or government identifiers) unless necessary. You are responsible for ensuring your application complies with applicable privacy laws when caching user-generated content.

Third-Party Service Providers

We rely on trusted third-party providers to operate the Service, such as:

• • Stripe (billing and subscription management)
• • Cloud hosting and database infrastructure providers

These providers only process data as necessary to deliver their services to us.

International Data Transfers

If you access the Service from outside the United States, your data may be processed or stored in the United States or other jurisdictions where our infrastructure providers operate. We take steps to ensure appropriate safeguards are in place where required.

Data Retention

We retain information only for as long as reasonably necessary to provide and operate the Service, comply with legal obligations, resolve disputes, enforce our agreements, and protect PromptCacheAI and our users.

• • Cached content: Cached entries are retained in accordance with your namespace TTL and configuration. TTL controls cache freshness, but entries may remain stored until they expire, are evicted, are overwritten, or are deleted.
• • Account data: We retain account-related data for as long as your account remains active, and thereafter as needed for legitimate business purposes and legal compliance.
• • Logs and security records: We may retain limited logs and security/audit records (for example, request metadata, anti-abuse signals, and operational diagnostics) for a period of time to maintain reliability, prevent fraud, and investigate abuse.
• • Backups: Copies of certain data may persist in encrypted backups and disaster-recovery systems for a limited period and will be deleted or overwritten according to our backup rotation schedules, unless retention is required by law or for security.

We may also retain and use aggregated and/or de-identified information (that does not reasonably identify you) for analytics, service improvement, and business operations.

Account Deletion

You may request deletion of your PromptCacheAI account from your Settings dashboard (if available) or by contacting support@prompt-cache.ai. Account deletion is intended to be permanent.

When you delete your account, we will initiate deletion of your account information and associated Service data, which may include:

• • Cached prompts and responses associated with your account
• • Namespaces, API keys, and configuration data
• • Certain logs and metrics associated with your account
• • Your authentication identity with our identity provider (e.g., Supabase), where applicable

Important: Deletion may not be immediate in all cases. Some information may be retained where reasonably necessary for security, fraud prevention, system integrity, backup rotation, compliance with legal obligations (including tax/accounting), or to exercise or defend legal claims.

Subscription cancellation through Stripe stops future billing and may limit access to paid features, but does not automatically delete stored data unless you complete full account deletion.

European Union (GDPR) Privacy Rights

If you are located in the EEA, UK, or Switzerland, you may have rights under GDPR, including:

• • The right to access the personal data we hold about you
• • The right to request correction of inaccurate data
• • The right to request deletion of your personal data
• • The right to object to or restrict processing
• • The right to data portability in certain circumstances
• • The right to withdraw consent where applicable

Children’s Privacy

PromptCacheAI is not intended for use by children under the age of 13 (or under 16 in certain jurisdictions). We do not knowingly collect personal data from children.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date.

Contact Us

For privacy-related questions or requests, please contact support@prompt-cache.ai.