RemKey

Legal

Privacy Policy

Last updated: 2026-07-06. This policy explains what Remekie One ("we", "us"), the company behind RemKey, collects when you use the RemKey gateway and dashboard, and how we handle it.

What we collect

How we use it

To route, guard, and bill your requests; to produce the signed audit exports you request; to operate and improve the gateway (aggregate, not per-prompt-content); and to communicate with you about your account.

Who else sees it

Your request is sent to whichever model provider you've configured (Anthropic, OpenAI, OpenRouter, or another provider you've connected), subject to that provider's own terms and privacy policy, that's inherent to a gateway: we route to the provider you chose, we don't introduce a new one. We don't sell your data, and we don't use your prompt or response content to train models.

Data retention

Request metadata is retained for as long as your account is active, so your audit trail stays continuous. Signed audit export bundles you generate are stored until you delete them. Provider keys are retained encrypted until you revoke them, revocation is immediate.

Security

Provider keys are encrypted at rest. The audit trail is hash-chained and Ed25519-signed, so tampering is detectable, not just logged. Access to the admin plane requires a bearer token, compared in constant time.

Your rights

You can request a copy of your account data, request deletion of your account and associated data (subject to any audit-retention obligations you've configured), and revoke any provider key at any time from the dashboard.

Changes to this policy

We'll update the date at the top of this page when this policy changes and, for material changes, tell active accounts directly.

Contact

Questions about this policy: sales@remkey.ai.