Privacy Policy
Last updated: May 26, 2026
This policy explains how Qwen API Gateway handles information when you visit the website, create an account, buy prepaid credits, create API keys, or send API requests.
Information we collect
- Account information: email address, password hash, account status, admin status, and account creation time.
- Authentication information: session cookies used to keep you logged in. Passwords and API keys are hashed before storage.
- Billing information: top-up amount, transaction status, Stripe checkout identifiers, and related payment metadata. Full payment card details are handled by Stripe, not stored by this service.
- API usage metadata: API key identifier, model name, token counts, charged cost, request status, latency, request IDs, and timestamps.
- Prompt and response content: prompts and responses are processed in transit to fulfill API requests. This service does not intentionally store prompt or response text in its application database, but model providers may process or retain data under their own terms.
- Technical data: server logs may include IP address, user agent, timestamps, requested paths, errors, and security events.
How we use information
- provide the website, dashboard, API gateway, authentication, billing, and usage reporting;
- meter usage, calculate charges, process prepaid top-ups, and prevent payment abuse;
- secure accounts, protect API keys, investigate errors, enforce rate limits, and prevent misuse;
- maintain service reliability, debug operational issues, and comply with legal obligations.
Third-party processing
We share information with service providers only as needed to operate the service. This includes AI model providers for processing API requests, Stripe for payment processing, and infrastructure providers for hosting, storage, logging, security, and delivery. Third-party websites linked from this service, including qwencloud.com, follow their own privacy practices.
AI request content
Do not send secrets, payment card data, health information, regulated personal data, or other highly sensitive content unless you have confirmed that the service and the selected model provider are appropriate for that use. We do not use your prompts or responses to train our own models.
Cookies
The website uses session cookies for login and account security. The service does not currently use advertising cookies or sell personal information for cross-context behavioral advertising.
Retention
We retain account, billing, usage, security, and operational records for as long as needed to provide the service, resolve disputes, prevent abuse, satisfy tax or accounting requirements, and comply with legal obligations. Deletion requests may be limited where records are needed for security, fraud prevention, legal compliance, billing, or backup integrity.
Security
We use safeguards such as password hashing, API key hashing, session controls, access controls, and operational logging. No internet service is perfectly secure, so you should protect your account credentials and rotate API keys if you suspect exposure.
Children
The service is intended for developers and businesses. It is not directed to children under 13, and you may not use the service if you are not old enough to enter into these terms.
Your choices
You may stop using the service, revoke API keys, and request account review or deletion. Some billing, security, and compliance records may need to be retained after an account is closed.
Changes
We may update this policy as the service, providers, or legal requirements change. Continued use of the service after an update means the updated policy applies.