Privacy Policy

Privacy Policy

Last updated: June 26, 2026

Our Commitment: AI Privacy Gateway is an open-source, self-hosted AI API privacy gateway. We do not collect your data, sell information to third parties, or store any sensitive content outside your machine. All PII masking happens locally; raw data never leaves your control.

1. Data We Process

AI Privacy Gateway operates as a reverse proxy between your AI client (e.g., ChatGPT, Cursor, Claude, DeepSeek) and the AI API service. The gateway processes:

The gateway does not actively collect any personal identifiable information (PII). If a request contains PII, the gateway detects and masks it locally before forwarding the processed request to the AI API.

2. Data Storage and Encryption

AI Privacy Gateway uses a local SQLite database (called the "Vault") to store masked mapping relationships for sensitive information. The vault is encrypted with AES-256-GCM; the encryption key is auto-generated at startup.

3. Data Sharing and Third Parties

AI Privacy Gateway does not sell, rent, or share your data with any third party. Specifically:

4. Self-Hosting and Control

AI Privacy Gateway is self-hosted software. You run it on your own infrastructure — whether a personal computer, server, or cloud instance. This means:

5. Website Data Collection

The AI Privacy Gateway website (privacygw.pages.dev) is a static site deployed on Cloudflare Pages. The website:

6. Data Security

We take the following measures to protect your data:

7. Your Rights

Under applicable data protection laws (e.g., GDPR, CCPA, PIPL), you have the following rights:

8. Changes to This Privacy Policy

We may update this privacy policy from time to time. Material changes will be announced via the GitHub repository Releases page. We encourage you to review this page periodically.

9. Contact Us

If you have questions, comments, or concerns about this privacy policy, please contact us: