Privacy Policy
Effective date: to be set at launch.
1. Who we are
Coding Plan provides a prepaid API gateway for agentic AI coding. You prepay credit, call our API from your coding tools, and we forward your requests to an upstream model service. This policy explains what we collect and, importantly, what we do not.
2. What we do NOT store
We do not store your prompt content or the model's output content.
- We do not log the text of your requests.
- We do not log the text of the model's responses.
- Your prompts and outputs pass through our servers in memory only, to translate between API formats and to count tokens for billing. They are discarded immediately and are never written to our database, our logs, or our backups.
This is a hard, code-enforced constraint, not just a policy statement. See ADR-0005 for the engineering details.
3. What we do collect and store
- Account: when you sign in with Google, we receive your Google account email and a stable Google account identifier (sub). We never see or store your Google password.
- API keys: you may create up to two API keys. Keys are stored as one-way hashes — the full key is shown to you exactly once, at creation or renewal, and cannot be recovered by us. If you lose a key, you must renew it.
- Payment metadata: topups are processed by Omise (Opn Payments). We receive and store the Omise charge identifier, the amount, and the charge status. We do not store your card number, CVV, or full card details — those are handled entirely by Omise.
- Metering data: for each API request we store token counts (input cache-hit, input cache-miss, output), the model used, the charge, the credit bucket it was drawn from, and timestamps. No content.
- Topup & balance history: your topup records, current credit balance, and per-bucket expiry timestamps.
4. How long we keep data
- Credit buckets: a bucket expires 30 days after its topup. Remaining balance is forfeited at expiry. The transaction record is retained for accounting.
- Metering metadata (token counts, charges): retained for audit and dispute resolution.
- Account data: retained until you request account closure.
5. Refunds
Unused balance is refundable before a topup's 30-day expiry. Consumed credit and expired credit are non-refundable. See the Terms of Service.
6. Payment processing
Omise is the data controller for your payment details. We do not receive or store full card data. Your payment relationship is with Omise under its terms.
7. Sharing your data
We do not sell your data. We share only what is necessary to operate the service: Google (sign-in) and Omise (payment). Metering metadata is internal and not shared.
8. Your rights
You may close your account, request a refund of unused balance within a bucket's 30-day life, and export your metering history. To exercise any of these, contact us (below).
9. Contact
Email: to be set at launch.