Privacy Policy

"Caicaini", "we", and "us" refer to the operator of caicaini.com (the "Service"). For data-protection questions you can reach the operator at [email protected].

We collect three categories of data:

• Account data: your username, email address, and a hash of your password. At signup we also record the IP address you registered from and a coarse browser fingerprint, which we use to detect duplicate accounts and abuse.
• Usage data: the conversations you have on the Service, the prompts and files you upload, the outputs returned by the model, and per-message metering data (model used, input/output tokens, credit cost, latency, error code if any). We need this to render your chat history, to bill you correctly, and to investigate abuse.
• Payment data: when you pay with crypto we store the transaction hash, the amount, the wallet address you sent from, and the status of the payment. We do not store private keys. Card payments are not currently supported.

We do not knowingly collect special categories of personal data (health, biometric, political opinions, etc.) and we do not run the Service on children under 13.

We use your data only for the following purposes:

• To provide the Service — render chat, stream model output, run the CLI.
• To meter and bill you for credits used.
• To detect and prevent abuse — multi-account fraud, prompt-injection attacks, scripted scraping, and violations of the section of our Terms.
• To respond to your support questions when you contact us.
• To send transactional email (account verification, password reset, payment confirmations, plan-change notices). We do not send marketing email by default.

We do not sell or rent your data. We share it only with the following processors, each of whom is contractually obliged to use it only on our behalf:

• Model providers (currently Anthropic and Moonshot AI). When you send a prompt, the prompt and any attached files are forwarded to the model provider that serves the model you picked. The provider returns a response which we forward back to you. Anthropic and Moonshot have their own privacy policies; we contract with each on terms that prohibit them from training on the data we send.
• NOWPayments processes our crypto invoicing flow. Your wallet address and transaction hash pass through them. We never share your email or username with them.
• Cloudflare Turnstile runs the CAPTCHA on register and login. Cloudflare receives a Turnstile token plus the IP address of the request; it does not receive your username, password, or any account data.
• Cloudflare R2 stores any files you upload (images you attach to chat messages, generated artifacts) at rest. R2 is end-to-end encrypted and accessible only with credentials held by our API server.
• Hosting and infrastructure providers that run our database, Redis, and application servers. They have access to data only to the extent needed to operate the underlying machines.

We will disclose data to law enforcement only when compelled by a valid legal order, and only the minimum strictly required by that order.

Account data, conversation history, and payment records live in our managed MariaDB database. Uploaded files live in Cloudflare R2. Both are encrypted at rest. Daily encrypted backups of the database are retained for 30 days.

We retain your conversation history for as long as your account is active. You can delete an individual conversation at any time from the chat sidebar; deletion removes the conversation and its messages from our database within 24 hours, with backups expiring it on the standard 30-day rotation.

When you close your account, we anonymise your conversation data within 30 days and retain only the financial audit trail (payment receipts, credit ledger) for as long as required by accounting and anti-fraud law (typically 5–7 years).

Depending on where you live, you may have the right to access, correct, export, or delete the personal data we hold about you, and to object to or restrict certain processing. You can exercise most of these rights directly from :

• Update your username, email, or password from the account page.
• Delete individual conversations from the chat sidebar.
• Close your account from the danger-zone section of the account page.

For everything else — including a structured export of your data — email [email protected] from the address registered to your account. We respond within 30 days.

We use a small number of strictly-necessary cookies: an authentication session cookie (httpOnly, secure, SameSite=Strict), a CSRF token, and a Cloudflare Turnstile cookie scoped to the auth pages. We do not run analytics, advertising pixels, or any third-party tracking script on the Service.

Passwords are hashed with argon2id. Sessions use rotating refresh tokens with a short access-token lifetime. The API key for upstream model providers is stored server-side only and is rotated quarterly. All traffic is served over TLS.

No system is unbreachable. If you believe you have found a security issue, please report it to [email protected]. We do not currently run a paid bug-bounty program, but we will publicly thank good-faith reporters in the changelog at their request.

The Service is not directed to children under 13. We do not knowingly collect personal data from a child under 13. If you believe we have done so, contact us at [email protected] and we will delete it.

The Service may be operated from or use processors in jurisdictions different from your own. By using the Service you agree to these transfers. Where required by law we put appropriate safeguards in place, such as standard contractual clauses.

We may update this Policy from time to time. When we make material changes we will update the "Last updated" date and, where the change reduces your privacy in a material way, notify you by email at least seven (7) days before it takes effect.