This Privacy Policy explains what information Floopy ("we", "us") processes when you use the Floopy AI Gateway and dashboard (the "Service"), and your choices regarding it. It applies to the floopy.ai websites and the app.floopy.ai dashboard.
1. Use of your account information
We process the account information you provide — such as name, email, organization, and billing details — to create and operate your account, authenticate you, provide support, send service and billing communications, and protect the Service against fraud and abuse. We do not sell your personal information.
2. Use of request data
To deliver the Service we process the requests you route through the gateway — including prompt inputs and the outputs returned by providers — strictly to perform routing, caching, rate limiting, security filtering, and observability. This content is processed to operate the Service for you and is not used to train or improve any model. Aggregate and metadata signals (such as latency, status, model, and request counts) are used for analytics and to show you usage in the dashboard.
3. Use of tokens
We process token counts and the API keys and access tokens associated with your account to authenticate requests, enforce plan limits and rate limits, meter usage, and calculate billing. Provider credentials and Floopy-issued keys are stored using encryption and are accessible only to the systems that need them to operate the Service.
4. Use of feedback
When you explicitly submit feedback on a request (for example, a quality rating or label), we use it to power routing-quality features for your account and to improve the product and our routing models. Feedback is the only request-associated signal we may use for improvement.
5. Use of requests for model training
We do not use your request inputs or the outputs returned by providers to train, fine-tune, or otherwise improve any model. The only signal used for that purpose is the feedback you explicitly submit. Inputs and outputs are used solely to provide the Service.
6. Use of cookies
We use strictly necessary cookies to keep you signed in, remember your selected organization and preferences, and protect against cross-site request forgery. We may use limited analytics to understand site and product usage. You can control cookies through your browser; disabling strictly necessary cookies may prevent the dashboard from working.
7. Use of personal data
We process personal data as a controller for account, billing, and website data, and as a processor for the content you route through the gateway on behalf of your organization. We process personal data only for the purposes described in this Policy and on a lawful basis (such as performing our contract with you, our legitimate interest in operating and securing the Service, and compliance with legal obligations). We use sub-processors (such as cloud, payment, and AI providers) to deliver the Service; the current list is available on request and in the dashboard's compliance section. Depending on your jurisdiction you may have rights to access, correct, port, or delete your personal data.
8. Data deletion
You can request deletion of your account and associated data by contacting our support, or by deleting your workspace where that option is available in the dashboard. On termination we delete or anonymize workspace data within our standard retention window, except where we must retain certain records to comply with legal, accounting, or legitimate audit obligations (for example, append-only legal consent and billing records). Backups are purged on their normal rotation cycle.
Questions about this Policy or a data request can be sent to the support contact published on the website.