Privacy Policy

1. What we collect

• Account. Email, optional name, password (hashed), optional organization name.
• Payment. A tokenized reference to your payment method (last 4 digits, brand, expiry), transaction IDs, and billing address. We never store full card numbers or CVVs.
• Usage. Request metadata (timestamps, token counts, model used, latency, HTTP status), the Model Provider we routed to, and your account identifiers.
• Prompts and completions. Sent to the Model Provider we route to. We log request and completion content for up to 30 days for security and debugging; you can disable content logging in account settings.
• Device. IP address, browser type and version, referring URL.

2. How we use it

To operate the Service (routing, billing, authentication), detect abuse and fraud, communicate with you about the Service, comply with legal obligations, and improve the Service using aggregated, non-identifying analytics. Legal bases for processing under GDPR are: contract performance (operating the Service, billing), legitimate interest and legal obligation (security, abuse prevention), and legal obligation (tax, regulatory).

3. How we share it

• Model Providers receive your prompts to fulfill your requests. They process your data as independent controllers, not on our behalf — they are listed at skylineintelligence.top/models and subject to their own privacy policies.
• Subprocessors help us run infrastructure, payments, email, support, and observability. The current list is at /legal/subprocessors. We notify account holders at least 14 days before adding a new subprocessor.
• Legal and safety: when we believe in good faith disclosure is necessary to comply with law, protect safety, or address fraud.
• Corporate transactions: if we are acquired or merge, with notice to you.

4. International transfers

Your data may be processed in the country where SKYLINE INTELLIGENCE is incorporated or where our subprocessors operate. For transfers out of the EEA, UK, or Switzerland to countries without an adequacy decision, we rely on Standard Contractual Clauses approved by the European Commission, plus additional safeguards where appropriate.

5. Retention

6. Your rights

You can access, correct, delete, or port your personal data; restrict or object to certain processing; and withdraw consent where processing is based on consent. Email privacy@skylineintelligence.top and we will respond within 30 days.

California residents (CCPA / CPRA): right to know, delete, correct, and opt out of sale or sharing. We do not sell personal information. You may designate an authorized agent.

EEA, UK, and Swiss residents (GDPR / UK GDPR / FADP): you may also lodge a complaint with your supervisory authority. Our legal bases are described in Section 2.

7. Security

We protect your data using TLS 1.2+ in transit, AES-256 at rest, role-based access controls, and continuous monitoring. No system is perfectly secure — if you find a vulnerability, please report it to security@skylineintelligence.top. We follow coordinated disclosure.

8. Children and AI-specific notes

The Service is not directed to children under 16 (or such higher age as your jurisdiction requires). We do not knowingly collect personal information from children.

Because SKYLINE routes requests to large language models: prompts are sent to Model Providers under their own terms; we and our Model Providers do not train models on your prompts or completions; and model outputs may be unpredictable — do not rely on them for legal, medical, financial, or other high-stakes decisions without human review.

9. Changes

We may update this policy from time to time. The "Last updated" date above reflects the most recent revision. For material changes, we notify account holders at least 14 days before the change takes effect. Previous versions are at /legal/privacy-history.

10. Contact

Privacy questions or requests:

By using SKYLINE, you acknowledge that you have read and understood this Privacy Policy.