Privacy policy

Dynoyard provides an OpenAI-compatible API gateway. This policy describes what information we collect, how we use it, and how to contact us about it.

Information we collect

• Account information — email address, organization name, team members, authentication metadata.
• Billing information — handled by our payments processor. We don't store card numbers; we keep masked last-four digits, brand, and transaction records.
• Usage metadata — per-request token counts, timestamps, model identifiers, response status codes, and request latency. Used for billing, capacity planning, and abuse detection.
• Operational logs — error reports, security events, and other technical logs needed to operate the service.

Prompt and completion bodies

We do not retain the contents of your prompts or completions for analytics or training. Request and response bodies pass through our gateway for routing and accounting and are dropped after forwarding, with two narrow exceptions:

• Response cache (opt-in, per-org) — when your organization enables response caching, a copy of the completion is held transiently in an isolated per-org store with a short TTL (default ~30 minutes) so an identical repeat request can be served without a second upstream call. Disabled by default; never shared across organizations; you control it.
• Error diagnostics — on a failed upstream request (HTTP status ≥ 400) we capture up to the first 1KB of the error body to help debug provider-side failures. Successful completions are never captured this way.

How we use information

We use the information described above to operate, secure, and improve the service: authenticate users, route and account for requests, prevent abuse, communicate operational matters, and comply with legal obligations.

Cookies and analytics

On our public website we use PostHog for product analytics — page views, clicks, and on-page interactions — to understand how the site is used and improve it. Analytics cookies are set only after you accept via the consent banner; until then, no analytics cookies are placed and no analytics events are sent. You can decline, and the site works fully without them. Essential cookies required to operate the app (such as your authenticated session) are always set and are not used for analytics. This analytics never includes the contents of your prompts or completions.

Sharing

We share information only as needed to operate the service:

• Service providers — third parties that help us deliver Dynoyard (payment processing, transactional email, error tracking, hosting and edge networking, and the model providers that fulfill inference requests). Each is bound by confidentiality and data-processing terms appropriate to their role.
• Legal — when required by law or to protect rights, safety, or property.

We do not sell personal information.

Retention

We retain account information for as long as your account is active and for a reasonable period thereafter to support audit, billing, and legal obligations. Usage metadata and operational logs are retained for the period necessary for the purposes above, then deleted or aggregated.

Security

We use industry-standard practices including encryption in transit, scoped API keys, audit logging of administrative actions, and access controls on our infrastructure. No system is perfectly secure; suspected vulnerabilities should be reported to security@dynoyard.app.

Your rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal information. Email hello@dynoyard.app for any privacy request — we respond within a reasonable period.

Data Processing Agreement

We can sign a DPA on request — email hello@dynoyard.app.

International transfers

Dynoyard operates with global infrastructure. Where data is transferred across jurisdictions, we rely on appropriate safeguards (such as standard contractual clauses) as required by applicable law.

Changes

We may update this policy. Material changes will be announced via email or in-product notice. The current version is always at dynoyard.app/privacy.

Questions? hello@dynoyard.app.