PRIVACY_
POLICY

AI Sanctuary ("we", "us", or "our") operates a decentralized network of AI inference nodes explicitly designed to provide uncensored access to open-source foundation models.

Because our architecture is heavily decentralized, the way we handle data differs vastly from traditional centralized API providers (e.g., OpenAI, Anthropic).

By default, AI Sanctuary operates on a strict zero-retention policy for all model inference operations.

When you submit a prompt to our API or web interface, the data is held in-memory across the routing layer just long enough to generate the response. Once the response is streamed back to your client, the prompts and completions are immediately flushed from the node's RAM.

We do not log your chat history, prompts, images generated, or model outputs. Your history is stored entirely client-side (in your browser's localStorage).

To keep the network functioning and manage access tiers, we maintain the following minimal data footprints in Cloudflare KV / D1:

1. Authentication Data: Discord OAuth IDs or cryptographic wallet addresses used for logging in.

2. Tier & Token Balances: Your current SANC token balance, tier status, and basic usage metrics (requests count) to enforce rate limits.

3. Voice Models (Opt-In): If you upload a voice sample for the Bixby Voice Creator, the isolated audio file and resulting voice ID are stored securely so you can use them across sessions.

4. Payment Records: Managed entirely through Stripe. We never see or store your raw credit card data.

Parts of the AI Sanctuary grid are powered by aggregated APIs (like OpenRouter, Together, or community GPU runners).

When your request is routed to a third-party open-source runner, your data is subject to their individual privacy layers. However, we only partner with endpoints that guarantee zero-logging policies on API submissions.

Requests made to proprietary fallback models (e.g., GPT-4o for complex reasoning if selected) are subject to OpenAI's API terms, which explicitly state they do not use API data to train their models.

We utilize industry-standard TLS encryption for all data in transit across our node network.

Access to the core KV stores is heavily gated behind multi-factor authentication and restricted solely to the Lead System Architect.

While we cannot read your client-side chat history, we advise users to regularly secure their local browser environments to prevent malicious third-party script extraction.

We integrate official Google Identity Services to allow for secure authentication. When you "Sign in with Google," we only access your email address and profile name to create your account record.

We also utilize Google Analytics (gtag.js) to measure platform performance and uptime. This data is anonymized and used solely for operational improvements.

You can manage your Google data settings via your Google Account dashboard. For more, refer to Google’s Privacy & Terms at https://policies.google.com/privacy.

You have the sovereign right to your data. Because we store almost nothing, there is very little to delete.

You can request a full wipe of your KV authorization record (destroying your account, tier access, and token balance) by initiating a transmission via the /contact page.

Clearing your browser cache natively destroys all your conversation logs. We cannot recover them once you do.