Privacy Policy
Last updated: June 29, 2026
Tokmeter ("Tokmeter," "we," "us") provides a software platform that helps engineering organizations estimate, monitor, and govern AI token spend. This Privacy Policy explains how we collect, use, share, and protect personal information when you use our website and product (the "Services"). To exercise any privacy right described below, submit a request through our Privacy Requests portal — it is our authoritative DSR (Data Subject Request) intake and we log every request for audit.
Companion documents: Data Processing Agreement (DPA), Subprocessor list, Cookie Policy, Terms.
1. Roles: controller and processor
For account, billing, and marketing data, Tokmeter acts as the controller. For customer content you load into the Services (provider keys, usage logs, prompts you choose to retain, organization member data), Tokmeter acts as a processor on behalf of your organization, which is the controller. The terms of that processing are set out in our DPA.
2. Information we collect
- Account data — name, work email, organization, role, authentication identifiers (including Google or SAML SSO).
- Billing data — billing contact, plan, country, and tax ID where applicable. Card data is processed by Paddle; we never store full card numbers.
- Product telemetry — pages visited, features used, dwell time, errors. Telemetry is gated on cookie consent and respects the Global Privacy Control (GPC) signal.
- Customer content — connection metadata (provider, key fingerprint), usage rollups, request metadata you choose to log. Provider admin keys are encrypted at rest with AES-256-GCM.
- Communications — messages you send via the contact form, including a hashed IP address used to detect abuse.
3. How we use information
- To provide, secure, and improve the Services.
- To bill, communicate about your account, and respond to support requests.
- To detect, prevent, and respond to fraud, abuse, and security incidents.
- To comply with legal obligations and enforce our agreements.
We do not use customer content to train models, and we do not sell personal information.
4. Sharing and subprocessors
We share personal information only with the subprocessors listed in our Subprocessor list, with affiliates within the Tokmeter corporate group, with authorities when legally required, and with acquirers in a merger/financing/asset sale (subject to confidentiality). We do not sell personal information and we do not "share" personal information for cross-context behavioral advertising as defined by the CCPA/CPRA.
5. International transfers
Where data is transferred outside the EEA, UK, Switzerland, Canada, or Australia, we rely on Standard Contractual Clauses (SCCs), the UK IDTA/Addendum, the Swiss FDPIC clauses, or other lawful transfer mechanisms. Our DPA includes the SCC modules applicable to processors.
6. Retention and deletion
We keep account, billing, and audit data for the life of your account plus the period required by law (typically up to 7 years for tax/accounting records). Usage telemetry is aggregated or deleted on a rolling schedule (typically ≤ 24 months). Provider request bodies are retained per your organization's configured retention setting. When you initiate account deletion in Settings → Danger zone, your data is soft-deleted for a 30-day grace period and then purged.
7. Security
We use administrative, technical, and physical controls including TLS 1.2+ in transit, AES-256 encryption at rest, row-level security on all multi-tenant tables, least-privilege service credentials, signed webhook verification, and full audit logging of sensitive operations. No system is 100% secure; you are responsible for keeping your account credentials confidential and enabling MFA where offered.
8. EU / UK / EEA — GDPR & UK GDPR
Legal bases on which we rely:
- Contract — to provide the Services you have agreed to (Art. 6(1)(b)).
- Legitimate interests — to secure, improve, and develop the Services (Art. 6(1)(f)).
- Consent — for optional analytics cookies and certain marketing communications (Art. 6(1)(a)).
- Legal obligation — tax, accounting, and other legal requirements (Art. 6(1)(c)).
You may exercise the following rights via our Privacy Requests portal: access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), portability (Art. 20), objection (Art. 21), and withdrawal of consent. You may also lodge a complaint with your supervisory authority (e.g. ICO in the UK, CNIL in France, the Datatilsynet in Denmark). We respond within one month, with a possible two-month extension for complex requests.
9. California — CCPA / CPRA
California residents have the right to know, access, correct, delete, limit the use of sensitive personal information, and opt out of "sales" and "sharing" (we do neither). You may exercise these rights, or designate an authorized agent to do so, via our Privacy Requests portal. We will not discriminate against you for exercising these rights, and we honor the Global Privacy Control (GPC) browser signal as a valid opt-out.
Categories collected (last 12 months): identifiers, commercial information, internet/network activity, professional/employment information, approximate geolocation (from IP), and inferences drawn from the above. We retain each category only as long as needed for the purposes described in §3.
Shine the Light: California residents may request information regarding disclosure of personal information to third parties for direct marketing purposes — we do not engage in such disclosures.
10. Canada — PIPEDA & provincial laws
Canadian residents may access, correct, or withdraw consent to processing of personal information held by Tokmeter, subject to legal and contractual limits. You may also complain to the Office of the Privacy Commissioner of Canada, the Commission d'accès à l'information du Québec (under Law 25), Alberta's OIPC, or British Columbia's OIPC. Submit requests via our Privacy Requests portal.
11. Australia — Privacy Act 1988 (APPs)
We handle personal information in accordance with the Australian Privacy Principles (APPs). You may request access to or correction of your personal information, or complain about how we have handled it, via our Privacy Requests portal. If you are unsatisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).
12. United States (non-California state laws)
Residents of states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others as they take effect) have rights to access, correct, delete, and opt out of certain processing. Exercise these rights via our Privacy Requests portal. We treat GPC as a valid opt-out signal where the applicable state law recognizes it.
13. Children
The Services are not directed to children under 16, and we do not knowingly collect personal information from them. If you believe we have, contact us via the Privacy Requests portal and we will delete it.
14. Cookies and tracking
See our Cookie Policy for details. Analytics cookies are off by default and only set after explicit consent; we additionally honor the Global Privacy Control browser signal as an opt-out for all eligible jurisdictions.
15. Automated decision-making
We do not make decisions about you that produce legal or similarly significant effects based solely on automated processing. Spend anomaly detection and routing recommendations are surfaced for human review; you decide whether to act on them.
16. Changes
We may update this Policy. Material changes will be posted with a revised "Last updated" date, and we will notify account owners by email at least 14 days before they take effect.
17. Contact & data protection officer
For any privacy question, please use our Privacy Requests portal (one-step intake, audit-logged). For DPO inquiries or supervisory-authority correspondence, email privacy@tokmeter.ai. We acknowledge DSRs within 10 days and respond within the timelines required by applicable law.
This page is maintained by Tokmeter and is provided for informational purposes; it is not legal advice. Consult your own counsel for compliance specific to your business.