Security & data handling
One-page summary for infosec and procurement reviews — not a substitute for your DPA or pen-test scope.
- Inference estimation uses token counts, not prompt text.
POST /api/v1/estimateandPOST /api/v1/batch-estimateaccept model plus numeric token fields only. We do not require or store user prompts for CO₂e calculation. - Dashboard & track API.
POST /api/v1/trackpersists metadata your integration sends (e.g.tenant_id, model id, token counts, test/live flag) for metering and reporting — designed as product telemetry, not content archival. - Transport. Production APIs are served over HTTPS (TLS). API keys are Bearer secrets; rotate keys from the dashboard if compromised.
- Browser extension.Token estimates run in context according to the extension's permissions on supported chat UIs; aggregates sync to My footprint only when you opt in — see the extension page and Privacy Policy.
- Legal documents. Privacy, DPA, and Terms govern processing and subprocessors for the web product.
Questions: Contact · Sources · Demand-side tokens