Privacy Policy
The short version
Inferway is built so that your prompts and completions are processed in memory and destroyed the instant a request finishes. We do not write them to disk, log them in readable form, or use them to train any model. We keep only the non-content metadata required to run the service and reconcile usage.
01 Overview
This Privacy Policy describes how GWMM LLC(“Inferway”, “we”, “us”) handles data when you use the Inferway API, Sandbox, console, or website at inferway.ai. By using the Service, you agree to the practices described here.
Our role is to execute your inference request as fast as possible and then forget it. This policy explains what we do and do not retain, when a third-party fallback provider may be involved, and what rights you have.
02 Zero Data Retention
Zero Data Retention (ZDR) is the core architectural guarantee of Inferway. It is not a setting you opt into — it is how the pipeline is built when your request is served by our own infrastructure.
- In-memory only. Prompts and generated completions exist solely in GPU and system memory for the duration of a single request.
- Immediate destruction. The moment a response finishes streaming, the associated memory — including the KV cache — is released and overwritten.
- No training use. Your inputs and outputs are never collected, reviewed, or used to fine-tune or train any model.
- No content logs. Prompt or completion text is never written to server logs, databases, object stores, or analytics events.
03 What We Process
To fulfill an inference request, the following data passes transiently through our node and is discarded immediately after:
- The prompt and parameters you submit (messages, temperature, max tokens, etc.)
- The completion generated by the model in response
- The KV cache derived from your context, isolated from every other session
None of the above survives the request when served by our own infrastructure.
04 Metadata We Retain
We retain a minimal set of non-content metadata strictly to operate the service, enforce rate limits, and reconcile usage. This metadata contains no part of your prompt or completion text.
- Timestamp of the request
- Input token count and output token count
- Model name (e.g., gemma-4-12b-it)
- Latency metrics, including time-to-first-token (TTFT)
- HTTP status code and error code (if any)
- Anonymous session or authenticated account identifier (for rate limiting and usage dashboards)
- Request routing label (self-hosted node or fallback provider)
Metadata is retained for operational and billing purposes. Aggregated metrics may be displayed publicly on System Status; no prompt or completion content is included.
05 Fallback Boundary
When our primary node is healthy, the ZDR guarantee above applies fully because processing remains under our direct control. If our node fails, requests may be routed to third-party cloud inference providers.
- Our node. ZDR applies; Content is processed in memory and never stored.
- Fallback providers. During a fallback event, Content is processed by the third-party provider. Its terms of service and privacy policy then govern that processing.
Fallback providers we may use include, but are not limited to:
- DeepInfra Privacy Policy — governs any Content processed on DeepInfra infrastructure
- Together AI Privacy Policy — governs any Content processed on Together AI infrastructure
We select fallback providers that publish zero-data-retention or short-retention commitments, but we cannot make those commitments on their behalf. See System Status for the active backend at any time.
06 Account Data
Authentication and account management are handled by Clerk. When you create an account, we receive and store:
- Email address
- Clerk user identifier
- API key identifiers (not the secret keys themselves)
Clerk's privacy practices are governed by Clerk's Privacy Policy.
07 Cookies & Analytics
The inferway.ai website uses Vercel Analytics to collect aggregated page views and Core Web Vitals. This telemetry does not include API request content, prompts, or completions.
- Aggregated page-view counts and performance metrics
- No prompt or completion content
- No individual user browsing history tied to API requests
If additional analytics tools are added later, this section will be updated and users will be notified.
08 Your Rights
Because we do not retain your request content, there is generally no stored personal content for us to access, export, or delete on your behalf. For the operational metadata described in Section 04, you may request information or deletion by contacting us.
- Account deletion. Deleting your account revokes all API keys and anonymizes the account tombstone. We delete or anonymize operational metadata where possible, but billing ledger rows and request metadata may be retained as required by law or for billing reconciliation.
- Access and correction. You may request a copy of or correction to the account data and metadata we hold about you.
09 Security
- All traffic is encrypted in transit via TLS.
- API keys are required for authenticated access beyond anonymous Sandbox limits.
- Because Content is not persisted on our node, there is no data-at-rest attack surface for prompts or completions served by our own infrastructure.
10 Contact
Questions about this policy or our data practices? Reach us at: