Privacy Policy
Table of contents
1. Who we are
Plugsky is a deploy-anywhere AI platform operated by Plugsky FZ-LLC, registered in the Dubai International Financial Centre (DIFC), Dubai, United Arab Emirates. For the purposes of GDPR and equivalent data-protection law, Plugsky is the data controller for personal data you provide when you create an account, and the data processor for content you submit to our inference APIs (prompts, files, RAG documents) on behalf of your organization.
2. What we collect
We collect three categories of data:
a) Account data (what you give us)
- Email address — used to sign in, send service notifications, billing receipts, and security alerts.
- Password — stored as a one-way bcrypt/argon2 hash. We never store plaintext. We never email your password.
- Name, company, locale — optional profile fields.
- OAuth profile (if you sign in with Google): your Google account ID, display name, email, and avatar URL.
- Billing data — last 4 digits of payment card, card brand, billing postal code (processed by Stripe; we never see full PAN).
b) Service data (what you send us)
- Prompts and messages you send to
/v1/chat/completions,/v1/embeddings, and other inference endpoints. - File uploads for RAG (Knowledge) — text, PDFs, code, or any other content you upload.
- Generated completions returned to you.
c) Telemetry (what the system records)
- Request metadata: timestamp, endpoint, model, response status, latency, token counts, request ID.
- Operational logs: errors, rate-limit hits, security events.
- Aggregated usage: tokens per day, per model, per workspace — used for billing and capacity planning.
3. What we do NOT do
This is the part most providers bury. We state it plainly:
- ❌ We do not use your prompts, completions, or RAG documents to train, fine-tune, evaluate, or improve any AI model — ours, our providers', or anyone else's.
- ❌ We do not sell your personal data or your service data to third parties, data brokers, or advertisers.
- ❌ We do not allow upstream model providers (opencode.ai, NVIDIA NIM) to retain your prompts or completions for training. This is contractually enforced through our provider agreements and Data Processing Addenda.
- ❌ We do not read or display your prompts to anyone other than the model you selected and our automated abuse-detection systems (which only flag, not store, content).
4. How we use data
| Purpose | Data | Lawful basis |
|---|---|---|
| Provide inference & route to the right model | Prompts, completions | Contract |
| Bill you correctly | Token counts, plan, workspace ID | Contract |
| Detect abuse & fraud | IP, request patterns, content flagged by classifiers | Legitimate interest |
| Notify you of incidents & security events | Email, audit log | Contract / legitimate interest |
| Improve our platform (not the models) | Aggregated, anonymized usage stats | Legitimate interest |
| Comply with law | Records required by tax, AML, sanctions | Legal obligation |
5. Legal bases (GDPR)
If you are in the EEA, UK, or a jurisdiction with similar laws, our lawful bases are:
- Contract — to provide the service you signed up for.
- Legitimate interest — to keep the service secure, prevent abuse, and improve it. You can object; we'll stop unless we have a compelling override.
- Legal obligation — to comply with applicable law (tax, sanctions, lawful government requests).
- Consent — for optional features (marketing emails, third-party cookies, optional integrations).
6. Sharing & sub-processors
We share data only with vetted sub-processors who are contractually bound to protect it. Current sub-processors:
| Sub-processor | Purpose | Data shared | Region |
|---|---|---|---|
| opencode.ai (Zen / Go) | Inference routing | Prompts, completions (no retention) | US, EU |
| NVIDIA NIM | GPU inference | Prompts, completions (no retention) | US, EU, KSA |
| Stripe Payments | Card processing, subscriptions | Card, billing address | US, EU |
| PostgreSQL (Docker) | Database hosting | Account, usage, audit logs | UAE (your VPS) |
| certbot / Let's Encrypt | TLS certificates | Domain validation only | Global |
We will notify you at least 30 days before adding a new sub-processor that handles Service Data.
7. International transfers
Data may be processed in the UAE, EU, US, or KSA depending on the routing path your request takes. When we transfer personal data out of the EEA/UK, we rely on:
- Standard Contractual Clauses (SCCs) approved by the European Commission.
- UK International Data Transfer Addendum where applicable.
- The EU-US Data Privacy Framework for US transfers (where the recipient is certified).
- For Enterprise customers, a signed DPA that may specify a particular region for in-region routing.
8. Retention
| Data | Retention | Why |
|---|---|---|
| Account data (email, plan) | While your account is active + 30 days after deletion | Recovery window, fraud prevention |
| API keys (hashed) | Until you revoke them | Security |
| Prompts & completions (request bodies) | 0 days — we do not store request/response bodies | Privacy by design |
| Usage metadata (tokens, latency, status) | 13 months | Billing, capacity planning |
| Audit logs (admin actions) | 13 months (Free/Starter) / 7 years (Scale/Enterprise) | Security, compliance |
| Billing invoices | 7 years | Tax / accounting law |
| RAG documents you upload | Until you delete them | Your control |
| Support tickets | 24 months after closure | Service improvement |
9. Your rights
You can:
- Access — request a copy of all personal data we hold about you.
- Rectify — correct inaccurate data via your dashboard or by emailing us.
- Erase — delete your account and all associated data. Account deletion is permanent and removes your API keys, RAG data, and configuration. Anonymized usage metadata may remain for billing integrity.
- Restrict — pause processing while we resolve a dispute.
- Port — export your RAG documents, agent definitions, and config as JSON / files.
- Object — to processing based on legitimate interest.
- Withdraw consent — at any time, for any consent-based processing.
- Lodge a complaint — with your local data protection authority. We'd appreciate the chance to fix it first; email privacy@plugsky.com.
To exercise any of these rights, sign in and visit Settings → Privacy, or email privacy@plugsky.com. We respond within 30 days.
10. Security
We protect your data with:
- TLS 1.3 encryption in transit (HSTS enforced).
- AES-256 encryption at rest on all storage volumes.
- API keys stored as SHA-256 hashes — we cannot recover them, only you can.
- Passwords hashed with Argon2id (or bcrypt as fallback).
- Two-factor authentication (TOTP) for all admin accounts.
- Role-based access control (RBAC) and per-key scopes.
- Audit logs for every administrative action; immutable for the retention period.
- Annual third-party penetration tests; findings remediated within 30 days of report.
- 24×7 security monitoring with automated abuse detection.
Report a vulnerability to security@plugsky.com. We run a responsible disclosure program.
11. Cookies
We use only strictly necessary cookies (session ID, CSRF token) and analytics cookies (self-hosted, anonymized, no cross-site tracking). We do not use advertising cookies, third-party tracking pixels, or Facebook/Google Analytics. You can disable analytics in Settings → Privacy.
12. Children
Plugsky is not directed at children under 16 (or older where local law requires). We do not knowingly collect data from children. If you believe a child has created an account, email privacy@plugsky.com and we will delete it within 7 days.
13. Changes to this policy
We will notify you by email at least 30 days before any material change takes effect. The full version history is available at /legal/privacy/history. Minor clarifications (typos, contact emails) do not require notice.
14. Contact
Data Protection Officer
Plugsky FZ-LLC · DIFC, Dubai, UAE
Email: privacy@plugsky.com
Postal: Building 1, Level 3, DIFC, Dubai, UAE
For users in the EU, our GDPR representative can be reached at eu-rep@plugsky.com.
This policy is provided in English. Translations are available on request; in case of conflict, the English version prevails.