1. Information We Collect
We collect information you provide when you create an account, configure providers, and use MeterFox:
- Account information (name, email address) via Clerk authentication
- API provider keys (encrypted with AES-256-GCM at rest)
- API usage data (token counts, model names, response latencies)
- Organization and team membership data
- Billing information processed through Stripe
2. How We Use Your Information
- To provide cost tracking, analytics, and alerting services
- To proxy API requests and log usage metadata (not request/response bodies)
- To send cost alerts, budget notifications, and digest emails
- To improve service reliability and performance
- To process subscription payments
3. Data Security
API keys are encrypted using AES-256-GCM before storage. Proxy keys are stored as SHA-256 hashes. All data is transmitted over HTTPS. We follow industry-standard security practices including regular dependency audits, rate limiting, and input validation.
4. Third-Party Services
We use the following third-party services:
- Clerk — Authentication and user management
- Stripe — Payment processing and subscription billing
- Neon — PostgreSQL database hosting
- Vercel — Application hosting and deployment
- Resend — Transactional email delivery
5. Data Retention
Usage records are retained for the duration of your subscription. When you delete a provider, all associated usage records are permanently removed. Account data is retained for 30 days after account closure.
6. Your Rights
- Access and export your usage data at any time
- Delete your providers and associated data
- Close your account and request data deletion
- Update your notification and digest preferences