Privacy Policy

To provide a complete service, we may collect:

1.1 Account information

• Email address — for account registration, password reset, and important notices
• Username — for platform identity
• Password (stored hashed) — for sign-in
• Identity / business verification (optional) — only when you choose to verify or where required by law (e.g., name, ID number, business registration number)

1.2 Usage information

• API call records — timestamps, target model, token usage, latency, etc.
• Account and transactions — top-ups, deductions, invoices
• Device and access — device type, OS, browser, IP address, page visits, operations

1.3 API call content

• Prompts you send to models
• Responses returned by models
• Call metadata — frequency, token counts, response times

We do not actively collect sensitive personal information (such as biometric data or religious beliefs) unless you provide it or it is required by law.

We use the information solely for the following purposes:

• Service delivery — processing API calls, account management, billing
• Identity verification — confirming the account owner and preventing fraud
• Billing — calculating fees, generating invoices, processing top-ups
• Service improvement — analyzing aggregate usage, optimizing performance, fixing defects
• Customer support — responding to inquiries, complaints, and technical requests
• Security — detecting and blocking malicious traffic, attacks, and fraud
• Legal compliance — meeting applicable laws and lawful requests
• Notifications — sending platform announcements, maintenance notices, and updates (marketing emails are unsubscribable)

We do not use your personal information for purposes not stated in this Policy without your explicit consent or legal obligation.

3.1 Location: Your personal information is stored on servers within mainland China. Cross-border transfer (e.g., calls to overseas AI models) follows applicable security and legal requirements.

3.2 Retention:

• Account information — for the lifetime of the account plus a reasonable period after closure
• API call records — 12 months, for billing reconciliation and dispute resolution
• Transaction records — 5 years, for financial audit and tax compliance
• System logs — 6 months, for security analysis and troubleshooting

3.3 API content (prompts and responses): We retain it only transiently for request execution and necessary technical support. We do not retain it long-term, and we do not use it to train AI models or for any other commercial purpose.

3.4 After the retention period, we delete or anonymize personal information, except where law requires otherwise.

We do not sell, rent, or otherwise disclose your personal information except in the following cases:

4.1 With your explicit consent

With your explicit authorization, we may share information within the authorized scope.

4.2 Service providers

To deliver the service, we may share necessary information with the following types of providers:

• Upstream AI model providers (e.g., OpenAI, Anthropic, Google) — your prompts are forwarded to the chosen model; these providers process the data under their own privacy policies
• Cloud infrastructure providers — for storage and compute
• Payment processors — for top-ups and deductions
• Customer support tools — for tickets and conversations

4.3 Legal requirements

We may disclose information when:

• Required by judicial authorities, government agencies, or other competent bodies
• Necessary to comply with applicable laws, court orders, or government directives
• Needed to protect the rights, property, or safety of HiveLLM, our users, or the public
• Required to address an emergency involving life, health, or significant property

4.4 Business transfers

In a merger, acquisition, or asset transfer, your information may be transferred as part of the transaction. We will notify you in advance and require the recipient to continue honoring this Policy.

We apply industry-standard safeguards to your personal information, including:

• Encryption in transit and at rest
• Strict access control under the principle of least privilege
• Regular security audits and penetration testing
• Backups and disaster recovery procedures
• Security awareness training for staff

We cannot, however, guarantee absolute security. If a breach occurs, we will take remedial action and notify you as required by law.

Please also protect your account and API keys. Report any irregularity at [email protected].

Under applicable laws (including the PRC Personal Information Protection Law), you have the right to:

• Access — request a copy of the information we hold about you
• Correct — ask us to fix inaccurate information
• Delete — request deletion (subject to statutory retention)
• Withdraw consent — revoke previously granted consents
• Close — close your account

Submit requests through your account settings or by emailing [email protected]. We respond within 15 business days.

We use cookies and local storage to remember sign-in state, store preferences (e.g., theme, language), analyze traffic, and provide security.

You can manage cookies in your browser, but disabling them may affect features such as session persistence.

The Platform is targeted at developers and businesses. If you are under 18, please review this Policy with a guardian and use the Platform only with their supervision.

If we learn we collected information from a minor without guardian consent, we will delete it as soon as possible.

When you call third-party AI models through the Platform, your request content is forwarded to the chosen provider for processing under their own privacy policies.

We recommend reviewing the privacy policy of any model provider you use.

We may update this Policy as our business or applicable laws evolve. Material updates will be communicated via in-product notice or email.

Continued use of the Platform constitutes acceptance of the updated Policy.