Legal
Privacy Policy
Last updated May 18, 2026. This policy explains what information qache collects when you use the hosted gateway and dashboard, how it is used, and the choices you have.
Information we collect
When you create an account, we receive your email address and name from our authentication provider. As you route traffic through the gateway, we record operational metadata for each request: request and token counts, model names, cache-hit statistics, tenant ID, API key identifier, and timestamps. This metadata powers the dashboard, savings reports, and abuse protection.
Prompt content and zero data retention
qache processes the body of each request in memory to analyze prompt shape and place cache breakpoints. By default, qache operates under a zero-data-retention policy and does not persist prompt or response bodies. Body storage stays off unless you explicitly enable it for a tenant (for example, to debug or inspect requests) in which case content is retained only for that tenant's configured retention window.
How we use information
We use the information we collect to operate and secure the gateway, render analytics and estimated savings in your dashboard, communicate with you about your account, and comply with legal obligations. We do not sell your information, and we do not use your prompts or responses to train models.
Third-party services
qache relies on a small number of service providers: an authentication provider for sign-in, cloud infrastructure for hosting, and the upstream LLM providers you choose (such as OpenAI, Anthropic, and Google). Requests you send through qache are forwarded to the upstream provider you target, using the provider credentials you supply, and are subject to that provider's own privacy terms.
Cookies
qache sets a small number of strictly functional cookies: an HttpOnly session cookie that keeps you signed in, and a cookie that remembers your light or dark theme preference. qache does not use advertising or cross-site tracking cookies.
Data retention
Account information is retained while your account is active. Operational metadata is retained on a rolling window sufficient to render analytics and investigate abuse. Prompt and response bodies are not retained unless you enable body storage, in which case they are kept only for the retention period you configure.
Security
Traffic to qache is encrypted in transit. Session tokens are stored in HttpOnly cookies rather than browser storage, and access to operational data is restricted to authorized personnel. No system is perfectly secure, but we work to protect your information using industry-standard practices.
Your rights
You may request access to, correction of, or deletion of your account information, and you may close your account at any time. To make a request, contact us at the address below.
Children
qache is a developer tool and is not directed to children. We do not knowingly collect information from anyone under 16 years of age.
Changes to this policy
We may update this policy as qache evolves. Material changes will be reflected by the “last updated” date above, and significant changes will be communicated through the dashboard or by email.
Contact
Questions about this policy or your data can be sent to info@qache.cc.