This Privacy & Data Policy ("Policy") describes how LL ("we," "our," or "us") collects, uses, and protects information when you use our website, APIs, and domain-specific AI models (collectively, the "Services").
Because our models are deployed in highly sensitive, domain-specific workflows, we have engineered our systems with strict boundaries between the content you generate and the operational metadata required to run our business. We do not log your prompts or responses, but we do collect system metadata to ensure security, billing accuracy, and performance.
1. Information We Collect
1.1. AI Interaction Content (Strictly Not Logged)
We employ a strict ephemeral processing architecture for user content. Specifically:
- Prompts and Inputs: The text, documents, or data you submit to our AI models are processed in memory and immediately discarded after the response is generated.
- Responses and Outputs: The content generated by our models is returned to you and immediately discarded from our systems.
Exception by Express Agreement: We do not log, store, or monitor prompts or responses except where expressly agreed upon with the user. Enterprise clients may execute a separate written agreement opting into specific logging configurations (e.g., for internal auditing, compliance tracking, or custom model fine-tuning). Without such an explicit, written agreement, the default state is zero content retention.
1.2. Operational Metadata (Logged)
While we do not log the content of your interactions, we do automatically collect and store operational metadata associated with your API requests and website usage. This metadata includes:
- Network Data: IP addresses, user agents, and connection details.
- Usage Metrics: Number of tokens used (prompt tokens and completion tokens), timestamps of requests, and latency metrics.
- System Data: Model versions accessed, stop reasons (e.g., length limit reached, natural completion), and error codes.
1.3. Account and Billing Information
When you create an account, we collect personal and organizational information necessary to provide the Services. This includes your name, email address, company name, API key associations, and payment details.
1.4. Website Analytics and Cookies
We use standard cookies and analytics tools on our public-facing website to understand traffic patterns and improve user experience. This includes tracking page views, referral sources, and interaction with support widgets. You can manage cookie preferences through your browser settings.
2. How We Use Your Information
We use the collected information (excluding AI Interaction Content) for the following purposes:
- Service Delivery: To authenticate your API requests, manage your account, and provide customer support.
- Billing and Accounting: To calculate usage costs based on token counts and metadata, and to process invoices.
- Security and Abuse Prevention: To monitor for unusual activity, rate limiting, DDoS prevention, and enforcing our Terms of Service using IP and metadata logs.
- System Optimization: To analyze latency, error rates, and stop reasons to ensure our infrastructure remains reliable and performant.
Model Training: Except with explicit consent, your interaction content is never used to train, improve, or fine-tune our foundational or domain-specific models.
3. Data Retention
We retain data only for as long as necessary to fulfill the purposes outlined in this Policy:
- AI Content: 0 days (ephemeral processing), unless governed by a custom Enterprise Agreement.
- Operational Metadata: Retained for up to 12 months for billing disputes, auditing, and security forensics, after which it is aggregated or deleted.
- Account Information: Retained for the lifetime of your active account, and for a legally required period thereafter for tax and compliance purposes.
4. Information Sharing and Disclosure
We do not sell your personal information or metadata. We may share information only in the following circumstances:
- Service Providers: With trusted third-party vendors who assist us in operating our infrastructure (e.g., cloud hosting providers, payment processors). These providers are bound by strict confidentiality obligations.
- Legal Compliance: If required to do so by law, court order, or governmental request. Note that because we do not store prompts or responses, we cannot provide user interaction content to law enforcement.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to the acquiring entity adhering to this Policy.
5. Security
We implement industry-standard technical and organizational measures to protect your data. This includes TLS encryption for all data in transit, encrypted storage for account data and metadata, strict access controls for our engineering team, and regular security audits.
6. Your Rights
Depending on your jurisdiction (e.g., GDPR, CCPA), you may have the right to access, correct, or delete your personal data. You may also request an export of your account information and metadata. To exercise these rights, please contact us. Please note that requests to access or delete "chat history" or "prompt logs" cannot be fulfilled, as this data is not stored by LL.
7. Changes to This Policy
We may update this Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated Policy on this page and updating the "Effective Date." For significant changes affecting data use, we will notify active account holders via email.
8. Contact Us
If you have questions about this Privacy & Data Policy, our security practices, or wish to discuss custom logging agreements for enterprise use, please contact us via our support widget.