Privacy Policy

We collect three classes of data: (a) account data — email, name, organization, hashed credentials; (b) usage data — API calls, model invocations, feature inputs you submit; (c) telemetry — anonymized latency, error rates, and platform health metrics.

We never collect biometric data, location, or browsing history outside our own domains.

To deliver inference results, authenticate sessions, bill usage, prevent abuse, and improve model quality. Customer payloads submitted to /predict are never used to train models without an explicit opt-in agreement.

Inference is served from us-east, eu-west, and ap-south regions. EU customer data stays within the EEA. Sub-processors: AWS (compute), IBM Quantum (training only, anonymized), Stripe (billing), Resend (transactional email).

API request payloads are retained 30 days for debugging, then purged. Aggregated metrics are kept indefinitely. Account data is deleted within 30 days of account closure.

You may request access, correction, export, or deletion of your personal data at any time by emailing privacy@sonicium.ltd. We respond within 30 days.

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Access to production is limited to on-call engineers via short-lived SSO sessions and audit-logged. See the Security page for details.

Data Protection Officer — Sonicium Quantum Lab Ltd · privacy@sonicium.ltd