Privacy Policy

Last updated: July 9, 2026

1. Overview

This Privacy Policy describes how Fluxon LLC ("we", "us", or "our") collects, uses, and protects your personal information through GateLLM (gatellm.io). We are committed to protecting your privacy and complying with applicable data protection laws.

By using our services, you agree to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not use our services.

2. Data Controller

Fluxon LLC is the data controller for this website and its services. We are a company registered in the State of Delaware, USA.

To contact us regarding your data rights or any privacy-related questions, please email support@gatellm.io.

3. Information We Collect

We collect the following types of personal information:

Account Information: When you create an account, we collect your email address, name, and company name. This information is stored via the Supabase authentication system.

Sales Inquiry Information: When you contact us through the demo request form, we collect your name, company, email, and message.

Payment Information: Payments are processed by Stripe. We do not directly store your credit card or bank information. Stripe may process necessary payment information to complete transactions.

Technical Data: We may collect your IP address, browser type, device information, and access timestamps.

Cookies and Similar Technologies: We use localStorage to store your cookie consent status. If analytics tools are enabled (Google Analytics 4 or Plausible), additional analytics data may be collected.

4. BYOK (Bring Your Own Key) Architecture

GateLLM uses a BYOK (Bring Your Own Key) architecture. This means:

Your LLM API keys are stored only in the memory of your self-hosted gateway instance and are never uploaded to our servers or persisted to a database.

Your LLM request data is routed directly through your gateway to the model provider's official API and does not pass through Fluxon's servers.

Your API keys and request content always remain within your private network.

5. How We Use Your Data

We use the collected data for the following purposes:

Providing and improving our services

Processing payments and managing subscriptions

Responding to your inquiries and requests

Sending service-related notifications and updates

Maintaining security and preventing fraud

Complying with legal obligations

6. Sub-processors

We use the following sub-processors to provide our services:

Supabase: Database storage and authentication services

Stripe: Payment processing services

Resend: Email delivery services

Cloud hosting providers: Website and infrastructure hosting

Analytics providers (optional): Google Analytics 4 or Plausible (only when enabled)

All sub-processors are bound by data protection agreements and comply with applicable data protection laws.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, or for a longer period if required by law.

Account Information: Retained during the account lifetime and for 30 days after account closure.

Sales Inquiry Information: Retained for 3 years to follow up on potential business opportunities.

Payment Records: Retained for 7 years in accordance with tax and accounting regulations.

Log Data: Retained for 90 days for security and troubleshooting purposes.

8. Your Data Rights

Under applicable law, you have the following rights:

Right to Access: You have the right to obtain a copy of the personal information we hold about you.

Right to Rectification: You have the right to correct inaccurate personal information.

Right to Erasure: In certain circumstances, you have the right to request deletion of your personal information.

Right to Data Portability: You have the right to receive your data in a structured, machine-readable format.

Right to Object: You have the right to object to certain types of data processing.

Right to Withdraw Consent: You have the right to withdraw previously given consent at any time.

To exercise any of these rights, please email support@gatellm.io.

9. International Data Transfers

Our sub-processors may be located in countries outside the European Union. When we transfer your data outside the EU, we ensure:

The recipient country has received an adequacy decision from the European Commission, or

We have entered into Standard Contractual Clauses (SCCs) with the sub-processor.

To obtain a copy of the SCCs we use, please email support@gatellm.io.

10. Security Measures

We implement appropriate technical and organizational measures to protect your personal information, including:

Encryption in transit (TLS 1.3)

Encryption at rest

Access controls and authentication

Regular security assessments

Employee data protection training

11. Children's Privacy

Our services are intended for business users and are not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through website notifications or email. Your continued use of our services constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions or concerns about this Privacy Policy, or wish to exercise your data rights, please contact us at:

Email: support@gatellm.io

Company: Fluxon LLC

Registered in: Delaware, USA

GateLLM is a product of Fluxon LLC, a Delaware limited liability company.