Privacy Policy
Last updated: April 3, 2025
This Privacy Policy describes how MAIG ("we", "us", or "our") collects, uses, and shares information about you when you use our services, including the MAIG developer dashboard, API, and iOS SDK (collectively, the "Service").
1. Information we collect
Account information
When you create an account, we collect your name and email address. You may sign in via Google or GitHub OAuth; in those cases, we receive only the information those providers share with us (typically your name, email, and profile picture).
Payment information
We use Stripe to process payments. We do not store your credit card number, expiry date, or CVC on our servers. Stripe handles all payment data and is PCI-DSS compliant. We store only a Stripe customer ID and subscription status.
Usage data
When you route requests through the MAIG gateway, we log metadata about each request: timestamp, model requested, token counts, latency, HTTP status code, and which project the request belongs to. We do not log the content of your prompts or AI model responses.
Technical data
We may collect IP addresses, browser type, and referring URLs for security and abuse-prevention purposes.
2. How we use your information
- To provide, operate, and improve the Service
- To process payments and manage your subscription
- To enforce usage limits associated with your plan
- To send transactional emails (receipts, subscription changes, security alerts)
- To detect and prevent fraud or abuse
- To comply with legal obligations
We do not sell your personal information to third parties.
3. How we share your information
We share information only with the following categories of third parties, and only as necessary to operate the Service:
- Stripe — payment processing and subscription management
- Railway — cloud infrastructure and hosting
- Google / GitHub — OAuth authentication (only if you choose to sign in with those providers)
- AI providers (OpenAI, Anthropic) — your API requests are forwarded to whichever provider you configure; those providers have their own privacy policies
We may also disclose information if required by law, court order, or to protect the rights and safety of MAIG or others.
4. Data retention
Request logs are retained for the period associated with your plan (7 days on Free, 30 days on Pro, 90 days on Business). Account data is retained for as long as your account is active. You may request deletion of your account and associated data by contacting us.
5. Security
All data in transit is encrypted via HTTPS/TLS. Provider API keys you store in MAIG are encrypted at rest. We follow industry-standard practices to protect your data, but no system is completely secure.
6. Your rights
Depending on your location, you may have the right to access, correct, or delete your personal data, or to object to certain processing. To exercise these rights, contact us at support@maig.dev.
7. Children's privacy
The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13.
8. Changes to this policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes by email. The "last updated" date at the top of this page reflects the most recent revision.
9. Contact us
Questions about this policy? Email us at support@maig.dev.