Back to Home|

Privacy Policy

Privacy Policy

Effective Date: January 1, 2024 | Last Updated: February 14, 2026

Our Commitment: We take your privacy seriously. This policy describes how we collect, use, and protect your information when you use CacheGPT.

1. Information We Collect

Account Information

  • Email address
  • Username (optional)
  • Hashed password (never stored in plain text)
  • Account creation date

API Usage Data

  • API request metadata (timestamps, models used)
  • Cached queries and responses (for service functionality)
  • Usage statistics (request counts, cache hit rates)
  • API keys (encrypted)

Technical Information

  • IP addresses (for security and rate limiting)
  • Browser type and version
  • Operating system
  • Request headers

Integration Data

  • OAuth tokens for connected services (Discord, Gmail, Slack, Microsoft Teams, Google Calendar, Notion, Google Drive, Jira)
  • Integration data (messages, emails, calendar events) is accessed in real-time via OAuth and is NOT bulk stored on our servers
  • Integration connection metadata (provider, connection status, last synced)

2. How We Use Your Information

We use the collected information to:

  • Provide and maintain the CacheGPT service
  • Process and cache API requests efficiently
  • Generate usage analytics and statistics
  • Detect and prevent abuse or fraudulent activity
  • Send service-related communications
  • Improve service performance and features
  • Comply with legal obligations

3. Data Security

We implement industry-standard security measures including:

  • TLS/SSL encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • Bcrypt hashing for passwords
  • Regular security audits and updates
  • Access controls and authentication
  • Rate limiting and DDoS protection

4. Data Retention

We retain your data as follows:

  • Account data: Until account deletion
  • Cached responses: 30 days (configurable)
  • Usage logs: 90 days
  • Security logs: 1 year
  • Integration tokens: Until integration is disconnected or revoked
  • Integration data: Accessed in real-time, not permanently stored

You can request data deletion at any time through your account settings or by contacting support.

5. Data Sharing

We do NOT sell, trade, or rent your personal information. We may share data only in these circumstances:

  • With your explicit consent
  • To comply with legal obligations or court orders
  • To protect against fraud or security threats
  • With service providers under strict confidentiality agreements
  • In aggregated, anonymized form for analytics

6. Third-Party Services

We integrate with the following third-party services:

  • LLM Providers: OpenAI, Anthropic, Google, Perplexity (for AI chat)
  • Communication: Discord, Slack, Microsoft Teams (messaging integrations)
  • Google Services: Gmail, Google Calendar, Google Drive (email, calendar, file integrations)
  • Productivity: Notion, Jira (workspace integrations)
  • Hugging Face: For embedding generation
  • Supabase: Database and authentication
  • Vercel: Hosting

Each service has its own privacy policy. We recommend reviewing them.

7. Your Rights (GDPR/CCPA)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Deletion: Request deletion of your data ("right to be forgotten")
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Opt-out of certain data uses

To exercise these rights, contact privacy@cachegpt.io

8. Cookies & Local Storage

We use cookies and browser local storage for:

  • Authentication and session management
  • Security (CSRF protection)
  • User preferences (e.g., theme, quality mode)
  • Onboarding state (e.g., guided tour completion)
  • Analytics (anonymous usage patterns)

Local storage data stays on your device and is not transmitted to our servers. You can control cookies and clear local storage through your browser settings. Disabling these may limit some features.

9. Children's Privacy

CacheGPT is not intended for users under 13 years of age. We do not knowingly collect personal information from children. If we discover such data, we will promptly delete it.

10. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses and adequacy decisions.

11. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via email or through the service. Continued use after changes constitutes acceptance.

12. Contact Us

For privacy-related questions or concerns:

Data Protection Officer
Email: privacy@cachegpt.io
Support: cachegpt.io/support
Response Time: Within 48 hours

Your Privacy Matters: We are committed to protecting your data and being transparent about our practices. If you have any concerns, please don't hesitate to contact us.