Privacy Policy

1. Introduction

LocoreMind ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect information in connection with our Cloud API service, website, and self-hosted models.

LocoreMind is operated by a company registered at Unit A, 82 James Carter Road, Mildenhall, Suffolk, IP28 7DE, United Kingdom.

2. Information We Collect

We collect different types of information depending on how you use our services:

2.1 Account Information

When you create an account to use our Cloud API, we collect:

• Email address
• Name (if provided)
• Organization name (if applicable)
• API keys generated for your account

2.2 Payment Information

When you subscribe to a paid plan, payment processing is handled by Stripe, Inc. We do not store your full credit card number, CVV, or other sensitive payment details on our servers. Stripe collects and processes:

• Credit/debit card details
• Billing address
• Transaction history

Please refer to Stripe's Privacy Policy for details on how they handle your payment data.

2.3 Cloud API Usage Data

When you use our Cloud API, we collect:

• Token usage counts (for billing purposes)
• API request metadata (timestamps, model selected, response status)
• IP addresses for rate limiting and security

Important: We do not log, store, or use your API request content (prompts and completions) for training purposes. Request content is processed in memory and discarded after the response is returned.

2.4 Website Analytics

Our website (locoremind.com) may collect basic analytics information including:

• Page views and navigation patterns
• Browser type and device information
• Referring websites
• General geographic location (country/region level)

3. Self-Hosted Models

When you self-host our open-source models on your own hardware:

• Your data never leaves your machine
• We do not collect, store, or process your prompts or model outputs
• No API calls are made to our servers during local model inference
• You maintain complete control over your data and privacy

4. How We Use Your Information

We use collected information for the following purposes:

• Providing and maintaining the Cloud API service
• Processing payments and managing subscriptions
• Enforcing usage limits and preventing abuse
• Sending service-related communications (billing alerts, downtime notices)
• Improving our services and developing new features
• Complying with legal obligations

5. Third-Party Services

We use the following third-party services that may process your data:

• Stripe — Payment processing (Privacy Policy)
• GitHub — Code repository hosting (Privacy Policy)
• HuggingFace — Model hosting (Privacy Policy)

6. Data Retention

We retain your information as follows:

• Account data: Retained while your account is active and for 30 days after deletion request
• Usage logs: Retained for up to 90 days for billing and security purposes
• Payment records: Retained as required by tax and financial regulations (typically 7 years)
• API request content: Not retained — processed in memory only

7. Cookies

Our website uses minimal cookies for:

• Remembering your dark mode preference (localStorage)
• Session management when logged into the API dashboard
• Basic analytics (if enabled)

You can disable cookies in your browser settings, though this may affect website functionality.

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption in transit (TLS/HTTPS) for all API communications
• Encryption at rest for stored account data
• API key hashing — we store only hashed versions of your API keys
• Regular security reviews and updates

9. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Object to or restrict processing of your data

To exercise these rights, please contact us at [email protected].

10. Children's Privacy

Our services are not directed to children under 13 (or 16 in the EEA/UK). We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

11. International Data Transfers

Our Cloud API infrastructure may process data in multiple regions. For self-hosted models, data processing occurs entirely within your own infrastructure and jurisdiction. By using our Cloud API, you consent to the transfer of data to our processing locations.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For material changes affecting paid subscribers, we will provide notice via email at least 14 days in advance.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

• Email: [email protected]
• Address: Unit A, 82 James Carter Road, Mildenhall, Suffolk, IP28 7DE, United Kingdom