Arda Gateway

Privacy Policy

Effective Date: May 21, 2026. This policy explains Gateway-specific data handling and supplements the broader ArdaBot Privacy Policy.

ArdaBot, Inc. is a Delaware C corporation. Arda Gateway is our AI inference, authentication, OAuth, billing, and developer platform. By using Arda Gateway, you agree that this Gateway Privacy Policy and the ArdaBot Privacy Policy apply to your use of the service.

1. Information we collect

  • Account identifiers such as your Privy user id, email address, wallet address, or phone number when you sign in.
  • Gateway objects you create, including projects, API keys, OAuth applications, redirect URIs, scopes, token metadata, balances, auto top-up settings, and billing preferences.
  • Usage data needed to operate the gateway, including request timestamps, selected model, token counts, latency, cost, balance changes, cache behavior, status codes, and high-level diagnostics.
  • Inference request and response content only as needed to route, meter, secure, debug, or provide the requested service.
  • Payment and tax-related data processed by Stripe. ArdaBot does not store full card numbers.

2. How we use information

  • Authenticate your Arda account and issue Gateway tokens for Lens, Arda, developer apps, and API usage.
  • Route AI model requests, meter usage, calculate provider cost plus Gateway markup, update balances, prevent losses, and enforce limits.
  • Operate billing, top-ups, auto top-ups, subscriptions, payouts, invoices, receipts, fraud checks, and support workflows.
  • Monitor uptime, abuse, errors, performance, cache efficiency, and aggregate business metrics without exposing user content in analytics dashboards.
  • Comply with legal, security, accounting, and tax obligations.

3. Service providers

  • We use infrastructure, authentication, payment, observability, and AI model providers to run Arda Gateway. These providers process data only for the services they provide to us.
  • Inference content may be sent to the model provider selected for a request, including providers available through Vercel AI Gateway or direct integrations such as xAI for realtime voice.
  • Payment details are handled by Stripe. Authentication is handled by Privy. Infrastructure is hosted on providers such as DigitalOcean and Vercel.

4. Retention and security

  • We keep account, billing, ledger, and transaction records as long as needed to operate the service and meet legal obligations.
  • API keys and tokens are stored in hashed or secret-managed form where practical. You are responsible for protecting keys issued to your account or apps.
  • We use TLS in transit, access controls, audit logging, rate limits, and operational monitoring to protect the service.

5. Your choices

  • You can manage billing, payment methods, and auto top-up settings through Arda Gateway billing surfaces.
  • You can revoke or rotate Gateway keys and OAuth application credentials where those controls are available.
  • To request access, correction, deletion, or export of personal information, contact support@ardabot.ai.

6. Contact

Questions or requests can be sent to support@ardabot.ai. You can also review the broader Gateway Terms.