Privacy Policy

1. What we collect

To operate NullSpend we need to collect a small amount of information:

• Account information — your email address and authentication credentials, managed via Supabase Auth.
• Usage metadata — the API calls you route through NullSpend, including model, token counts, cost, and timestamps. We do not store prompt content or model responses by default.
• Optional body capture — if you explicitly enable request/response body logging for debugging, we store those bodies in encrypted object storage scoped to your organization. You can disable this at any time.
• Payment information — for paid plans, handled entirely by Stripe. We never see or store card numbers.
• Operational logs — request IDs, error traces, and diagnostic data used to debug issues and improve reliability. Retained for 30 days unless a specific investigation extends that window.

2. What we don't do

• We don't sell your data. To anyone. Ever.
• We don't train AI models on your usage data.
• We don't resell aggregated usage data to third parties for marketing, analytics, or any other purpose.
• We don't share your data with advertisers or data brokers.
• We don't log the contents of prompts or model responses by default (only token counts and metadata).

3. How we use what we collect

The data we collect is used to:

• Operate the product (cost tracking, budget enforcement, HITL)
• Process billing and subscription management
• Send product, security, and service-related emails
• Debug issues you report and improve reliability
• Comply with legal obligations when required

4. Service providers we rely on

NullSpend runs on infrastructure from these providers. Each receives only the data strictly necessary to perform its function:

• Supabase — authentication and primary database storage
• Vercel — dashboard hosting and edge rendering
• Cloudflare — proxy worker, DNS, and CDN
• Stripe — payment processing (paid plans only)
• Upstash — rate limiting state
• Sentry — error monitoring (operational logs, not user data)

We review these providers periodically and keep them under contractual data processing agreements where applicable.

5. Open source

Portions of NullSpend are open source. You can inspect the client SDK, cost calculation engine, and adapter packages yourself. We believe transparency about how your data is processed is a feature, not a liability.

6. Your rights

You have the right to:

• Access the data we hold about you
• Correct inaccurate information
• Delete your account and all associated data (self-serve via Settings, or email us)
• Export your cost event history in CSV or JSON
• Opt out of non-essential product emails (essential service emails like security notices still go through)

To exercise any of these rights, email us at support@nullspend.dev.

7. Data retention

Cost event data is retained for as long as your account is active, or longer if required for billing reconciliation or legal compliance. When you delete your account, we remove your cost events, API keys, webhook configurations, and personal information within 30 days. Stripe-held payment records are retained per Stripe's own policies.

8. Changes to this policy

We'll update this page if our practices change. The “Last updated” date at the top reflects the most recent substantive change. For material changes, we'll notify active users by email at least 14 days before the change takes effect.

9. Contact

Questions, concerns, or a data request? Email support@nullspend.dev. We read everything.