Privacy Policy
LighterHub
Effective Date: May 2026
About LighterHub
LighterHub operates an AI inference API service that provides access to large language models and other AI capabilities. We are committed to protecting your privacy and ensuring transparency about how we handle your data.
This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.
Data We Collect
When you use the LighterHub API, we collect only operational metadata necessary to provide, maintain, and improve our service:
- Timestamps: When requests are made
- Request IDs: Unique identifiers for tracking requests
- Token counts: Number of input and output tokens processed
- Latency: Response time and performance metrics
- Status codes: HTTP status and API response codes
- API endpoint: Which model or endpoint was called
What we do NOT collect: By default, we do not store prompts, completions, or the content of your requests. This data is processed and discarded immediately after responding to your request.
How We Use Your Data
We use operational metadata for the following purposes:
- Service delivery: To process your requests and provide accurate responses
- Performance monitoring: To track system health, uptime, and latency
- Usage tracking: To measure API usage, token consumption, and billing
- Debugging: To investigate errors and technical issues
- Improvement: To optimize performance and enhance service quality
- Compliance: To maintain audit logs and meet legal obligations
Temporary Debug Logging
In rare cases, we may enable temporary debug logging to diagnose technical issues or investigate service problems. When debug logging is enabled:
- Duration: Debug logging is always time-limited to a maximum of 7 days
- Scope: Limited to the specific requests and systems being debugged
- Access: Restricted to authorized engineering staff only
- Deletion: Debug logs are automatically deleted after the investigation period
If debug logging is ever enabled for your requests, we will notify you at founder [at] lighterhub.app and provide details about what was logged.
Data Protection
We implement industry-standard security measures to protect your data, including:
- Encryption in transit (HTTPS/TLS)
- Access controls and authentication
- Regular security audits and monitoring
- Secure data handling practices
Training Data Policy
Your data is not used to train our models or any third-party models.
We do not:
- Use your prompts or completions for model training
- Use your data to improve our ML models
- Share your data with model training teams
Data Sharing
We do not sell, rent, or share your data with third parties.
We may share operational metadata only in the following limited circumstances:
- Legally required: When compelled by law or regulation
- Service providers: With vendors who help us operate the service (under strict data processing agreements)
- Safety/security: To prevent fraud, abuse, or other harmful activity
We will never share your data for marketing, advertising, or any purpose unrelated to providing the LighterHub service.
Data Retention
Operational metadata is retained for:
- Active period: While your account is active
- Log retention: Up to 90 days for operational logs
- Billing: As long as necessary for billing and financial purposes
- Legal holds: Longer if required by law
Your Rights
Depending on your location and applicable laws, you may have the right to:
- Access: Request information about what data we hold
- Deletion: Request deletion of your data (subject to legal obligations)
- Correction: Request correction of inaccurate data
- Portability: Request your data in a portable format
- Opt-out: Opt out of optional data collection practices
To exercise any of these rights, contact us at founder [at] lighterhub.app.
Privacy Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by updating the "Effective Date" at the top of this page. Your continued use of LighterHub after such changes constitutes your acceptance of the updated Privacy Policy.
GDPR / EEA Privacy Rights
If you are located in the European Economic Area (EEA), you have specific rights regarding your personal data. Our lawful bases for processing your data include:
- Contract performance: Necessary for API service delivery
- Legitimate interest: Necessary for security and fraud prevention
Under the GDPR, you have the following rights:
- Access: The right to request copies of your personal data
- Correction: The right to request that we correct inaccurate information
- Erasure: The right to request that we erase your personal data
- Restriction: The right to request that we restrict the processing of your personal data
- Portability: The right to request that we transfer the data that we have collected to another organization, or directly to you
- Withdrawal of consent: The right to withdraw your consent at any time, where we relied on your consent to process your personal information
We will respond to all legitimate requests within 30 days. For international data transfers from the EEA, we rely on Standard Contractual Clauses. To exercise any of these rights, please contact us at founder [at] lighterhub.app.
US State Privacy Rights
Residents of California (CCPA), Colorado, Connecticut, Virginia, and Utah have specific rights regarding their personal information:
- Right to know: You have the right to know what personal data is collected about you
- Right to delete: You have the right to request the deletion of your personal data
- Right to opt-out of sale: We do not sell your personal information
We will not discriminate against you for exercising any of your privacy rights.
International Data Transfers
Your data is processed in the United States on dedicated GPU infrastructure. For users located in the European Economic Area (EEA), Standard Contractual Clauses apply to ensure your data is protected.
Our infrastructure runs on dedicated GPU hardware in the United States, and we utilize Cloudflare (global network) as our CDN and secure tunnel.
Cookies and Tracking
We are committed to minimizing tracking and respecting your privacy:
- The LighterHub API does not use cookies
- The website (lighterhub.app) uses essential site functionality and Google Analytics measurement to understand aggregate website usage and lead conversion paths
- Google Analytics may set analytics cookies or use similar measurement technology for website traffic reporting
- We do not use advertising cookies
Children's Privacy
Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 13, we will delete it promptly.
If you believe we might have any information from or about a child under 13, please contact us at founder [at] lighterhub.app to report it.
Subprocessors
To provide our services, we use the following named subprocessors:
| Subprocessor |
Purpose |
Data Shared |
| Cloudflare |
CDN, DNS, tunnel, DDoS protection |
IP addresses, request metadata |
| GPU Infrastructure Provider |
GPU infrastructure hosting |
API request data (processed, not stored) |
| Telegram (health alerts) |
Operational alerts only |
No user data — only system health metrics |
Data Breach Notification
In the event of a data breach affecting your personal data, we are committed to transparency and prompt action:
- We will notify affected users within 72 hours of becoming aware of the breach
- We will notify relevant regulatory authorities as required by applicable law
- Notification will include the nature of the breach, the data affected, and the remedial steps we have taken to secure your information