Simplio.devBack to home

Privacy Policy

Last updated: February 17, 2026

1. What we collect

  • Account info — email address and authentication data when you sign up via email, GitHub, or Google.
  • Usage metrics — request counts, token usage, latency, provider used, and error codes. We never log prompt content or AI responses.
  • Encrypted API keys — your provider keys are encrypted with AES-256-GCM before storage. We cannot read them.
  • Payment info — handled entirely by Stripe. We never store card numbers.

2. How we use your data

We use your data to operate the service: authenticate requests, route them to AI providers, track usage for billing, and display analytics in your dashboard. We do not sell your data to third parties.

3. AI request privacy

Simplio acts as a transparent proxy. Your prompts and AI responses pass through our Edge network but are never stored, logged, or inspected. We only capture metadata (tokens, latency, status codes) for your dashboard analytics.

4. Data storage & security

All data is stored in Supabase (PostgreSQL) with Row Level Security enabled. API keys are encrypted at rest using AES-256-GCM. All connections use TLS 1.3. The proxy runs on Vercel Edge Runtime for minimum latency and isolation.

5. Cookies

We only use strictly necessary cookies required for the service to function. We do not use any tracking, analytics, or marketing cookies.

CookiePurposeTypeDuration
sb-*-auth-tokenAuthentication session (Supabase)Strictly necessarySession / token expiry
sb-*-auth-token-code-verifierPKCE flow verificationStrictly necessarySession

Strictly necessary cookies are exempt from consent requirements under the ePrivacy Directive, as they are essential for the service to function.

6. Third-party services

  • Supabase — authentication and database
  • Stripe — payment processing
  • Vercel — hosting and Edge runtime
  • Sentry — error monitoring and performance tracing (no session replay, no personal data captured)
  • AI Providers — OpenAI, Anthropic, DeepSeek (your keys, your relationship)

7. Data retention

Usage logs are retained for 48 hours (Free) or 30 days (Pro). Account data is retained until you delete your account. You can request full data deletion by contacting us.

8. Your rights

You can access, export, or delete your data at any time from your dashboard settings. For GDPR requests or questions, contact us at privacy@simplio.dev.

9. Changes

We may update this policy from time to time. Material changes will be communicated via email or dashboard notification.