Privacy Policy

How Demeterics handles, secures, and processes your data.

Usage Modes (Quick Summary): Bring Your Own LLM Key (10% fee on provider cost), Managed LLM Key (115% of provider cost), and Bring Your Own Workflow ($0.03/1M input • $0.12/1M output tokens).

At Demeterics, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our LLM observability platform.

Important: When you use Demeterics to access LLM services, your data flows through both Demeterics and the respective AI provider (OpenAI, Anthropic, Google, or Groq). Each provider has their own privacy practices. Please review both this policy and the provider-specific policies below.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

Email address (for authentication via Google OAuth2)
Name (from your Google account)
Organization name (if provided)
Payment information (processed by our payment provider, not stored by us)

1.2 LLM Interaction Data

When you use our service to track LLM interactions, we collect:

Prompts (input text sent to AI models)
Responses (output text from AI models)
Metadata: timestamps, model names, token counts, latency metrics, cost data
User identifiers (for tenant isolation)
Request context: transaction IDs, session IDs, conversation threads
Error logs: API errors, rate limit hits, validation failures

1.3 API Keys

Demeterics API Keys:

Your Demeterics API key is always hashed with bcrypt (cost factor 12) before storage. The raw API key is never stored.

Provider API Keys (OpenAI, Groq, Anthropic, Google AI):

You have two options for providing your third-party provider API keys:

Transient Mode (No Storage):
- Include provider API key in each request via dual-key Authorization header
- Format: Authorization: Bearer demeterics_key,provider_key
- Provider keys are used transiently for proxying and never persisted by Demeterics
- Maximum security: zero storage = zero breach risk
- We never log provider keys in plain text
Stored Mode (Encrypted Storage):
- Configure provider API keys once in Settings UI
- Keys are encrypted with Google Cloud KMS (AES-256) before storage in Google Cloud Datastore
- Decrypted only in-memory when needed for API proxying
- Decrypted keys cached in memory for 15 minutes to reduce KMS calls
- Every decryption operation is audit logged to Google Cloud Audit Logs
- Encrypted keys stored with noindex flag for additional protection
- Recommended for convenience while maintaining enterprise-grade security

You can use different modes for different environments (e.g., transient for development, stored for production).

1.4 Usage Data

Log data: IP addresses, browser type, API endpoints accessed
Performance metrics: API response times, error rates, throughput
API usage: number of interactions, bandwidth consumed, credit usage

2. How We Use Your Information

We use the collected information to:

Provide the Service: Process and store LLM interactions for analytics and observability
Proxy Requests: Forward your prompts to LLM providers and return their responses
Authenticate users: Verify identity via OAuth2
Billing: Calculate usage and charge according to your credit consumption
Improve the Service: Monitor performance, fix bugs, develop new features
Security: Detect and prevent fraud, abuse, and security incidents
Compliance: Meet legal and regulatory requirements (GDPR, CCPA, SOC 2)
Communication: Send service updates, security alerts, and support responses

We do NOT use your LLM interaction data to:

Train machine learning models
Improve AI models (yours or LLM providers')
Share with third parties for marketing purposes
Sell or monetize beyond the observability service

Important: LLM providers may have different data use policies. See Section 3 below.

3. LLM Provider Data Sharing (Sub-Processors)

3.1 How Data Flows to LLM Providers

When you use Demeterics to access AI services, here's what happens to your data:

You send a prompt to Demeterics via our API or widget
Demeterics logs the prompt and metadata for observability
Demeterics forwards your prompt to the selected LLM provider (OpenAI, Anthropic, Google, or Groq)
The LLM provider processes your prompt and generates a response
Demeterics receives the response and logs it
Demeterics returns the response to you

Critical Point: Both Demeterics and the LLM provider receive and process your prompts and responses. Demeterics acts as a processor, while LLM providers may act as independent controllers with their own data use policies.

3.2 LLM Provider Privacy Policies

Each LLM provider has its own privacy policy and data use practices. You must review these policies before using their services through Demeterics:

OpenAI

Privacy Policy: https://openai.com/policies/privacy-policy
API Data Usage: https://openai.com/enterprise-privacy
Key Points: OpenAI does not use API data to train models (as of their current policy). Data is retained for 30 days for abuse monitoring, then deleted.

Anthropic (Claude)

Privacy Policy: https://www.anthropic.com/legal/privacy
Commercial Terms: https://www.anthropic.com/legal/commercial-terms
Key Points: Anthropic does not use API inputs/outputs to train models without explicit permission. Data retention varies by service tier.

Google (Gemini)

Privacy Policy: https://policies.google.com/privacy
Gemini API Terms: https://ai.google.dev/gemini-api/terms
Data Use: https://ai.google.dev/gemini-api/terms#data-use
Key Points: Google's data use varies by API tier. Review their terms carefully for training data policies.

Groq

Privacy Policy: https://groq.com/privacy-policy/
Terms of Service: https://groq.com/terms-of-service/
Key Points: Groq focuses on inference infrastructure. Review their policies for data retention and use practices.

3.3 What Demeterics Cannot Control

Demeterics does not control:

How LLM providers store, process, or use your data
LLM provider retention periods (independent of Demeterics retention)
Whether LLM providers use your data for model training (check their policies)
LLM provider security practices or breaches
Compliance of LLM providers with GDPR, CCPA, or other regulations

3.4 Your Responsibilities

It is your responsibility to:

Review each LLM provider's privacy policy before use
Ensure you have appropriate consent or legal basis to share data with LLM providers
Avoid sending sensitive personal data (PII, PHI, financial data) unless you've verified provider compliance
Comply with data protection regulations in your jurisdiction
Maintain appropriate data processing agreements with providers if required by law

4. Data Storage and Retention

4.1 Storage Location

All Demeterics data is stored in Google Cloud Platform (GCP) data centers in the United States:

BigQuery: LLM interaction logs, analytics data, aggregate metrics
Cloud Datastore: Account metadata, API keys (encrypted), configuration
Cloud Storage: Backups, exports, long-term archives

Important: LLM providers store data in their own infrastructure, which may be in different locations. Review their policies for data residency requirements.

4.2 Retention Period

Demeterics Retention:

Interaction data: 365 days by default (configurable by tier)
Account data: Retained until account deletion + 30 days
Billing records: 7 years (required by law)
Audit logs: 90 days (API key operations, security events)
Anonymized analytics: Indefinitely (aggregated, non-identifiable)

LLM Provider Retention:

Varies by provider (see their policies above)
Typically 30-90 days for API data, longer for abuse monitoring
Deletion from Demeterics does not delete data from provider systems

4.3 Data Deletion

Deleting Data from Demeterics:

You can delete interaction data via our GDPR-compliant deletion API
Account deletion: Contact support@demeterics.com
Upon account termination, all interaction data is deleted within 30 days
Billing records retained for 7 years per legal requirements

Deleting Data from LLM Providers:

You must contact each provider directly to request deletion
Demeterics cannot delete data from provider systems
Provider deletion policies vary—review their terms

5.1 We Do NOT Sell Your Data

Demeterics does not sell, rent, or trade your personal information or LLM interaction data to third parties.

5.2 Service Providers (Non-LLM)

We share data with trusted third parties only when necessary to provide the Service:

Google Cloud Platform: Infrastructure, storage, and compute (Data Processing Agreement in place)
Paddle: Payment processing (they do not receive LLM interaction data)
Google OAuth: Authentication service (receives only email and name)

5.3 Legal Requirements

We may disclose your information if required by:

Law, regulation, or legal process (subpoena, court order)
Government or law enforcement requests
Protection of Demeterics' rights, property, or safety
Investigation of fraud, security breaches, or Terms violations

We will notify you of such requests unless legally prohibited or in cases of imminent harm.

5.4 Business Transfers

If Demeterics is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

6. Data Security

We implement industry-standard security measures to protect your data:

6.1 Encryption

In Transit: TLS 1.3 for all API communications
At Rest: AES-256 encryption for all stored data
API Keys: Bcrypt-hashed (one-way encryption), never logged in plain text

6.2 Access Controls

Authentication: OAuth2, multi-factor authentication available
Authorization: Role-based access control (RBAC)
Tenant Isolation: Strict user_id filtering in all database queries
Employee Access: Minimum necessary access, audit logged

6.3 Monitoring and Logging

Audit Logs: All API key operations, security events, access attempts
Intrusion Detection: Real-time monitoring for suspicious activity
Vulnerability Management: Regular security audits and penetration testing
Incident Response: 24-hour security incident response team

6.4 Compliance Certifications

SOC 2 Type II: In progress (expected Q2 2025)
GDPR: Compliant (EU data protection regulations)
CCPA: Compliant (California Consumer Privacy Act)

7. Your Rights (GDPR/CCPA Compliance)

You have the following rights regarding your personal data:

7.1 GDPR Rights (EU/EEA Users)

Right to Access: Request a copy of your data via API or export
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure ("Right to be Forgotten"): Delete your data via deletion API
Right to Data Portability: Export your data in machine-readable format (CSV/JSON)
Right to Restrict Processing: Limit how we process your data
Right to Object: Opt-out of certain processing activities
Right to Withdraw Consent: Revoke consent at any time
Right to Lodge a Complaint: Contact your local data protection authority

7.2 CCPA Rights (California Users)

Right to Know: What personal information we collect and how we use it
Right to Delete: Request deletion of your personal information
Right to Opt-Out: Opt-out of sale of personal information (we don't sell data)
Right to Non-Discrimination: Equal service regardless of privacy rights exercise

7.3 Exercising Your Rights

To exercise any of these rights:

Email: support@demeterics.com with subject "Privacy Rights Request"
API: Use our GDPR-compliant deletion endpoint for data erasure
Export: Download your data via dashboard or API

We will respond within 30 days (GDPR) or 45 days (CCPA). We may require identity verification before processing requests.

7.4 LLM Provider Rights

For rights related to data processed by LLM providers, you must contact them directly. Demeterics can facilitate this by providing you with transaction IDs and timestamps to reference in your requests.

8. Cookies and Tracking

8.1 Essential Cookies

We use session cookies for authentication (OAuth2 sessions). These are necessary for the Service to function and cannot be disabled.

Session ID: Maintains your login state
CSRF Token: Prevents cross-site request forgery attacks
Expiration: Session cookies expire after 24 hours or when you log out

8.2 No Third-Party Tracking

We do NOT use:

Third-party analytics (Google Analytics, Facebook Pixel, etc.)
Advertising cookies or pixels
Cross-site tracking
Behavioral targeting

We believe in privacy-first design and only collect data necessary to provide the Service.

9. International Data Transfers

9.1 Data Location

Our servers are located in the United States. If you access the Service from outside the US, your data will be transferred to, stored, and processed in the United States.

9.2 GDPR Compliance for International Transfers

We comply with GDPR requirements for international data transfers through:

Standard Contractual Clauses (SCCs): EU-approved data transfer mechanisms
Data Processing Agreements (DPAs): Available upon request
Appropriate Safeguards: Technical and organizational measures per GDPR Article 46
Adequacy Decisions: Compliance with EU-US Data Privacy Framework where applicable

9.3 LLM Provider Transfers

LLM providers may transfer data to different locations:

OpenAI: Primarily US-based, some global infrastructure
Anthropic: US-based infrastructure
Google: Global infrastructure with regional options
Groq: US-based infrastructure

Review each provider's privacy policy for their data transfer practices.

10. Children's Privacy

Demeterics is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

If you believe we have collected data from a minor, contact us immediately at support@demeterics.com. We will delete such data promptly upon verification.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via:

Email notification (to your registered email address)
In-app notification when you log in
Updated "Last Updated" date at the top of this page
30-day advance notice for material changes (unless legally required sooner)

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

12. Data Processing Agreement (DPA)

Customers can request a Data Processing Agreement (DPA) for GDPR compliance. The DPA includes:

Roles and responsibilities (Controller vs. Processor)
Data processing purposes and scope
Sub-processor list (including LLM providers)
Security measures and breach notification
Data subject rights assistance
Standard Contractual Clauses (SCCs) for international transfers

Contact sales@demeterics.com to request a DPA. Turnaround time: 1-2 business days.

13. Contact Us

For privacy-related questions or concerns, contact:
Privacy Team: support@demeterics.com
Data Protection Officer: support@demeterics.com
Legal Inquiries: sales@demeterics.com
Response Time: 48 hours for privacy inquiries, 30 days for GDPR requests
Address: Blue Fermion, LLC

Privacy Reminder: When using Demeterics to access LLM services, your data is processed by both Demeterics and the respective AI provider. Review all applicable privacy policies and ensure you have appropriate consent or legal basis to share data with these services.

Privacy Commitment: We are committed to transparency and data protection. If you have any concerns about how your data is handled, please don't hesitate to reach out.