Last updated 2026-06-25 · Singapore PDPA
We try to be straight about privacy, because the space is full of oversold marketing. Privacy isn't a setting at Flow AI — it's the architecture. The technical detail is on our Trust & security page; the specific data and training commitments are in our Data & Training Policy.
For the content of the prompts and outputs you submit, you are the data controller and Flow AI is a data processor — we act on your behalf and never use your data for our own purposes (no training, no profiling, no resale). Upstream Providers and Operators are sub-processors (see sub-processors). For account, billing and security data, we act as a controller.
No training on your data. Flow AI never uses your prompts or outputs to train any model, and we do not knowingly route to a provider tier that trains on inputs by default. We don't control Upstream Providers' own policies — see the Data & Training Policy.
No data selling. We do not sell your prompts, outputs, usage patterns, or any personal data.
Metadata-only by default. Our request logs store routing metadata (model, token counts, cost, latency, timestamps) — not your prompt or response bodies.
Content-free routing. The model is selected from tool-use and task-completion signals, never from reading your prompt content.
Privacy-positive routing. Because we spread traffic across providers, no single provider can profile your whole usage. A cache hit (if you opt in) never reaches any provider at all.
Sensitive data stays first-party. Prompts automatically detected as containing secrets or personal data are never dispatched to third-party Operators; nor is any traffic on an account set to "trusted sellers only."
Minimal retention. We keep operational logs (billing, abuse-prevention, routing metadata) for 30 days unless legally required to keep them longer.
Transparent routing. Every response shows which provider/operator served it, whether it was flagged, the price, and your cost.
When you send a request, it is forwarded to an Upstream Provider (e.g. DeepSeek, MiniMax) — and, for eligible non-sensitive traffic, possibly to an independent Operator — to perform the inference. That party receives your prompt and request metadata (such as IP and timing) under its own policies, which we do not control. We are not a VPN or anonymity service. If you need a specific provider or region never to see certain content, pin an allowed provider or enable "trusted sellers only."
We rely on Upstream Providers (inference), independent Operators (eligible non-sensitive traffic only), Clerk (authentication), Stripe (payments), and our hosting/edge providers. Each processes the minimum data needed for its function under its own terms. The full list, with regions and a 30-day change-notice commitment, is at flowaiapi.com/subprocessors.
Flow AI operates from Singapore. To provide the Service, prompts and metadata may be processed by Upstream Providers and sub-processors outside Singapore (see sub-processors). By using the Service you consent to these transfers; where required for EEA/UK data we rely on Standard Contractual Clauses (see the DPA). We take reasonable steps so recipients provide protection comparable to the PDPA.
You can delete API keys, set spend budgets, pin providers, enable "trusted sellers only," and request access to, correction of, or deletion of your personal data, and account closure, at any time. To make a request, contact our Data Protection Officer at privacy@flowaiapi.com.