BufferAI

Privacy Policy

Last updated: November 5, 2025

1. Introduction

BufferAI ("we", "us", or "our") operates an AI API proxy service that provides compliance and security features for AI integrations. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Information You Provide

  • Account information (email, name, organization details)
  • API usage data and logs
  • Payment information (processed by third-party payment processors)
  • Support communications

2.2 Automatically Collected Information

  • Log data (IP addresses, browser type, access times)
  • API request metadata (timestamps, endpoints, response codes)
  • Usage analytics and performance metrics

2.3 Data Processed Through Our Service

BufferAI acts as a proxy for AI API requests. We may temporarily process and analyze request and response data to provide compliance features, but we do not store the content of your AI interactions except as necessary for audit logs and hold queue functionality.

3. How We Use Your Information

  • Provide, maintain, and improve our services
  • Process API requests and enforce compliance policies
  • Detect and prevent security threats and policy violations
  • Generate audit logs and compliance reports
  • Communicate with you about our services
  • Comply with legal obligations

4. Data Retention

We retain your data for as long as necessary to provide our services and comply with legal obligations. Audit logs are retained according to your organization's settings, typically between 30 days and 7 years.

5. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit and at rest, access controls, and regular security audits. However, no method of transmission over the Internet is 100% secure.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

  • Service providers who assist in our operations (cloud hosting, analytics)
  • AI providers (OpenAI, Anthropic, etc.) as necessary to fulfill API requests
  • Law enforcement when required by law or to protect our rights

7. Your Rights (GDPR/CCPA)

Depending on your location, you may have rights to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to processing
  • Data portability
  • Withdraw consent

To exercise these rights, contact us at privacy@bufferai.dev

8. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at:

  • Email: privacy@bufferai.dev
  • Mail: Lucid Privacy, Inc.
← Back to home