legal

Privacy Policy

Last updated: March 25, 2026

Overview

FGY Cache ("the Service") is built around a simple data principle: we store only what is necessary to operate the caching service for your tenant, and nothing more. We do not sell, share, or use your data for advertising, training, or analytics beyond what is described here.

1. What We Collect

account data

When you sign up via Clerk, we receive your email address and a unique user identifier. We store your tenant name (defaults to your email domain), billing plan, and account settings such as your semantic cache threshold. This data is necessary to operate your account.

cached content

When LLM requests pass through FGY, we store: SHA-256 hashes of prompts, full response bodies, token counts, model identifiers, and pgvector embeddings (for semantic matching). All cached data is scoped to your tenant and isolated from other users. We do not inspect, analyze, or use your cached prompts or responses for any purpose beyond serving cache hits.

billing data

We maintain an append-only ledger of all balance mutations: top-ups, cache hit charges, and credit code redemptions. Each entry records the amount, resulting balance, associated model, and token count. Payment processing is handled entirely by Stripe — we do not store credit card numbers or bank details.

api keys

FGY API keys are stored as bcrypt hashes. We retain only the first 12 characters (prefix) in plaintext for lookup purposes. Raw keys are shown once at creation and cannot be recovered. Key metadata includes name, creation date, optional monthly limit, optional expiry date, and last-used timestamp.

2. What We Do Not Collect

  • Provider API keys. Your LLM provider bearer tokens are forwarded upstream on cache misses and never stored, logged, or persisted by FGY.
  • Request IP addresses. We do not log source IP addresses of API requests beyond what is transiently held in memory for rate limiting.
  • Tracking or analytics cookies. The marketing site and dashboard do not use third-party analytics, ad trackers, or profiling cookies.

3. How We Use Your Data

We use the data described above solely to:

  • Operate the caching proxy (serving cache hits, computing semantic similarity)
  • Calculate and deduct billing charges on cache hits
  • Display usage statistics and billing history in your dashboard
  • Authenticate your API requests and enforce rate limits

We do not use your cached content to train models, build derived products, perform market research, or for any purpose beyond direct service operation.

4. Third-Party Services

Clerk — handles authentication and session management. Their privacy policy governs how they handle your login credentials. We receive only your email and user ID.

Stripe — handles payment processing. We never see or store your full payment details. Stripe's privacy policy applies to all payment data.

Fly.io — hosts the FGY backend infrastructure. Cached data resides on Fly.io managed Postgres instances with pgvector.

OpenAI — when semantic caching is enabled, prompt embeddings are generated via the OpenAI embeddings API. Only the prompt text is sent for embedding; responses are not shared. OpenAI's data usage policy applies to this API call.

5. Data Retention

Cached entries are retained for the lifetime of your tenant unless manually purged. Upon account termination, all cached data, API keys, and billing records are purged within 30 days. Billing ledger records may be retained for up to 7 years to comply with financial record-keeping requirements.

6. Data Security

All traffic to and from FGY is encrypted via TLS. API keys are stored as bcrypt hashes. Tenant data is isolated at the database level — queries are always scoped by tenant ID. The ETS-based auth cache uses per-key prefix lookups with a 5-minute TTL.

7. Your Rights

You can access, export, or delete your data at any time by contacting us. You may revoke API keys from the dashboard immediately. You may request complete account and data deletion by emailing support@fgy.ai.

8. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. Changes will be posted on this page with an updated effective date. We will not materially reduce the protections described here without advance notice.

Questions about privacy? Reach us at hello@fgy.ai.