Privacy Policy

The data controller responsible for your personal information is MrrBase, LLC, a Delaware limited liability company, with registered address at 131 Continental Dr, Suite 305, Newark, DE 19713, USA. You can reach us at [email protected].

2.1 Account Information: email address, username, and authentication credentials.

2.2 Billing Information: name, billing address, and the last four digits of your payment card. Full payment card numbers are collected and stored by our payment processor, Stripe, and are never stored on our servers.

2.3 Usage Information: API request metadata such as timestamps, model used, token counts, and approximate request size, used for billing and abuse prevention.

2.4 Technical Information: IP address, browser type, device identifiers, and operating system.

2.5 We do not log or persist the content of your API requests or responses beyond the short operational window described in Section 6.

3.1 To provide, maintain, and improve the Service.

3.2 To process payments and billing.

3.3 To communicate with you about your account and service-related notices.

3.4 To detect, prevent, and respond to fraud, abuse, security incidents, and violations of our Terms of Service or Acceptable Use Policy.

3.5 To comply with legal obligations.

We engage the following categories of sub-processors to deliver the Service:

• Stripe, Inc. — payment processing

• Upstream AI model providers — OpenAI, Anthropic, Google, xAI, and similar — to fulfill your API requests

• Cloud infrastructure and CDN providers — for hosting and content delivery

• Analytics providers (if and where used) — for service performance monitoring

Each sub-processor is required to handle data consistent with applicable law and only for the purposes described.

5.1 We do not sell your personal information.

5.2 We share information only as necessary with the sub-processors listed above, or when required by law, court order, or to protect the rights, property, or safety of MrrBase, our users, or the public.

5.3 In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you of any such change.

6.1 We use industry-standard technical and organizational measures to protect your information, including TLS encryption in transit, encryption at rest where applicable, and access controls.

6.2 API request and response content is not stored beyond a short operational window (typically 3–30 days) for the purpose of debugging, abuse prevention, and reliability.

6.3 Account and billing records are retained for as long as your account is active and thereafter as required by applicable law, accounting, or tax obligations.

6.4 No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

7.1 MrrBase, LLC is based in the United States and operates the Service from infrastructure located in the United States and other jurisdictions. By using the Service, you understand that your information may be transferred to, stored, and processed in countries other than your country of residence.

8.1 We use cookies and similar technologies for essential functions (session, language preference) and, where applicable, for analytics and fraud prevention. For details, see our Cookie Policy at /cookies.

9.1 Subject to applicable law, you may have the right to access, correct, delete, or port your personal information, to withdraw consent, and to object to or restrict certain processing.

9.2 California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what categories of personal information we collect, the right to delete, and the right to non-discrimination for exercising these rights.

9.3 Residents of the European Economic Area, the United Kingdom, and Switzerland have rights under the GDPR / UK GDPR, including the right to lodge a complaint with a supervisory authority.

9.4 To exercise your rights, contact us at [email protected]. We may need to verify your identity before processing your request.

10.1 The Service is not directed to children under 13 (or under 16 in some jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

11.1 We may update this Privacy Policy from time to time. We will post the updated policy on our website and update the "Last updated" date. Material changes will be communicated through the Service or by email.

If you have questions or requests about this Privacy Policy, please contact us: