Privacy Policy

WHYPHY LABS AI, INC. PRIVACY POLICY  

Last Updated: June 29, 2025

WhyPhy Labs AI, Inc. (the “Company,” “we,” “us,” or “our”) is committed to maintaining robust privacy protections for its customers and end‑users. This Privacy Policy (“Policy”) is designed to help you understand how we collect, use, and safeguard information you provide to us when you access or use our large‑language‑model (“LLM”) application programming interfaces (“APIs”) and any related websites, dashboards, documentation, or services we operate (collectively, the “Service”).

Acceptance of Policy & Related Terms  

By creating an account, obtaining API credentials, or otherwise accessing the Service, you (the “Customer”) acknowledge that you have read, understood, and agree to be bound by this Policy and our Terms of Use. If you do not agree, do not access or use the Service.

I. INFORMATION WE COLLECT  

We collect “Personal Information,” “Customer Content,” and “Usage Data.”  

Personal Information Data that identifies or can be used to identify an individual, such as name, business email address, billing address, telephone number, payment‑card details, or authentication information provided through account creation or support interactions.

Customer Content Any data submitted to the LLM (e.g., prompts, embeddings input, files uploaded for fine‑tuning, and the corresponding model outputs). Customer Content may include Personal Information if you choose to include such data in your prompts.

Usage Data Technical information automatically collected when you interact with the Service—such as API request/response metadata (timestamps, token counts, latency), IP address, user‑agent, referring URL, device identifiers, and cookie or similar tracking technologies.

1. Information Collected via Technology  

We deploy cookies, log files, and similar technologies to collect Usage Data for security, reliability, and analytics purposes. Examples include:  

  • authenticating your session to the console;  

  • remembering dashboard preferences;  

  • measuring token usage for billing;  

  • detecting abuse (e.g., rate‑limit violations, automated scraping, or malicious content).  

You may configure your browser to reject non‑essential cookies; however, certain features of the Service may not function properly.

2. Information You Provide Voluntarily  

To register for an account or obtain API credentials, you must provide a valid email address and create a password (or use a supported single sign‑on identity provider). Depending on your subscription tier, additional billing and tax‑related Personal Information may be required.

3. Children’s Privacy  

The Service is intended for organizations and individuals 16 years of age or older. We do not knowingly collect Personal Information from anyone under 16. If we learn that such data has been submitted, we will delete it promptly.

II. HOW WE USE AND SHARE INFORMATION  

A. Personal Information  

We use Personal Information to:  

  1. create and administer your account;  

  2. process transactions and send invoices;  

  3. provide customer support and technical notices;  

  4. send security alerts, product updates, or marketing communications (you may opt out at any time—see Section IV).  

We do not sell or rent Personal Information. We disclose it only to:  

  • Service Providers (e.g., cloud hosting, payment processors, email delivery platforms) under written agreements requiring confidentiality and use limited to our instructions;  

  • competent authorities when required to comply with law or a valid legal process;  

  • an acquiring entity in connection with a merger, acquisition, or sale of substantially all assets (subject to this Policy).  

B. Customer Content  

Customer Content remains your property. We process it solely to provide the Service, which includes: generating model outputs, monitoring for abuse, ensuring capacity planning, and debugging/quality‑of‑service.  

  • Model Training. We do not use Customer Content to train or fine‑tune our foundational LLMs without your explicit opt‑in written consent.  

  • Retention. Unless you request earlier deletion, we retain encrypted logs (prompts and outputs) for up to 30 days to investigate security incidents and improve system safety. Aggregated, de‑identified statistics (e.g., total tokens processed) may be stored longer.  

C. Usage Data & De‑Identified Data  

We may aggregate or de‑identify Usage Data such that it can no longer reasonably identify an individual or Customer. We use and may share such data without restriction to analyze trends, improve the Service, and develop new features.

III HOW WE PROTECT INFORMATION  

We employ administrative, technical, and physical safeguards designed to protect information against unauthorized access, alteration, or disclosure, including:  

  • transport‑layer encryption (TLS 1.2+);  

  • at‑rest encryption of Customer Content and Personal Information;  

  • logically isolated production networks and role‑based access controls;  

  • periodic penetration testing and security audits;  

  • dedicated security & privacy team enforcing secure‑development‑lifecycle practices.  

No Internet transmission or storage system is fully secure; by using the Service you acknowledge these inherent risks.

IV. YOUR RIGHTS & CHOICES  

  • Access / Correction. You may review, update, or delete certain Personal Information in the account portal.  

  • Opt‑Out of Marketing. Click “unsubscribe” in any promotional email or adjust preferences in Settings → Notifications. Operational or legal notices are not subject to opt‑out.  

  • Data Portability / Deletion. Subject to applicable law, you may request an export or deletion of your Personal Information and undeprecated Customer Content by emailing privacy@whyphi.ai. Deletion requests do not affect logs retained for security compliance, which are purged automatically after the retention period.

V. THIRD‑PARTY LINKS & INTEGRATIONS  

Our documentation or console may contain links to third‑party sites or integrations (e.g., GitHub examples, plugin marketplaces). We are not responsible for the privacy practices or content of such third parties. Your use of those services is governed by their respective privacy policies.

VI. CHANGES TO THIS PRIVACY POLICY  

We may revise this Policy from time to time. Material changes will be announced by:  

  1. emailing the primary address associated with your account or  

  2. posting a prominent notice in the dashboard.  

Unless a shorter period is required by law, material changes take effect 30 days after notice. Non‑material updates are effective immediately. Continued use of the Service after any effective date constitutes acceptance of the revised Policy.

VII. CONTACT US  

For any questions about this Policy or our data‑handling practices, please email privacy@whyphy.ai or write to:  

Privacy Office  

WhyPhy Labs AI, Inc.  

25 Landview Drive  

Kings Park, New York, 11754  

United States 

---  

© 2025 WhyPhy Labs AI, Inc. All rights reserved.