Privacy Policy

Effective 2026-05-31 · Iron CEO Publication · v0.1.0

TL;DR: We pass your text to Anthropic Claude Haiku for redaction. Anthropic retains it ≤30 days for safety review. We do not store request content. We store API metadata (= timestamp, char count, categories) for 30-90 days depending on tier.

1. What RedactPath processes

For each POST /v1/redact call, we process:

Request text (= passed to Anthropic Claude Haiku for redaction, returned to you, not stored on RedactPath servers)
API key authentication (= we verify your API key against KV)
Call metadata (= timestamp, character count, redaction categories used)

2. Anthropic Claude Haiku as subprocessor

RedactPath uses Anthropic Claude Haiku as the redaction engine. Per Anthropic's API policy:

Inputs are retained ≤30 days for safety + abuse review
Inputs are NOT used to train Anthropic models (per Anthropic's commercial API terms)
Inputs are deleted after the 30-day review window

Full Anthropic policy: anthropic.com/legal/commercial-terms

3. What RedactPath stores

We do NOT store your request text. We store only:

User accounts (= email + bcrypt-hashed password + tier)
API key metadata (= key name, user_id, creation timestamp)
Monthly call counter (= count, no content)
Audit log (= timestamp + char_count + categories, NO content): 30 days (Free / Standard) or 90 days (Pro)

4. Where data lives

RedactPath runs entirely on Cloudflare Workers + Cloudflare KV (= globally distributed). Anthropic API calls go to api.anthropic.com. No other data flows.

5. Retention

User account: until account closure + 30 day deletion window
API keys: until you revoke them or close the account
Monthly call counter: reset monthly
Audit log: 30 days (Free / Standard) or 90 days (Pro)
Account closure: data deleted within 30 days

6. What we do NOT do

We do NOT log or store your request text
We do NOT use your text for any purpose other than passing it to Anthropic for redaction
We do NOT sell data to third parties
We do NOT use data for advertising or analytics

7. Your rights

Access: download your account data (= email, tier, call counter, API key metadata) via email request
Deletion: close your account from the dashboard; all data deleted within 30 days
Portability: API key metadata exportable on request
Anthropic-side data: contact Anthropic directly to exercise rights over text Anthropic has retained for safety review

8. GDPR + CCPA + APPI

RedactPath is designed to help indie SaaS dev comply with privacy laws (= GDPR / CCPA / 個人情報保護法). We treat our own user data with the same standards we help you implement.

EU server-region option is on the v0.2 roadmap. If you need EU-only processing for compliance reasons before v0.2 ships, contact us for self-host instructions.

9. Cookies

Session cookie (redactpath_session, HttpOnly, Secure, SameSite=Lax) for dashboard sign-in. localStorage holds user_id for client-side flows. No tracking cookies, no third-party cookies.

10. Contact

For privacy questions: privacy@redactpath.com.

11. Changes to this policy

Material changes will be announced via the dashboard + email at least 30 days before they take effect.

RedactPath — Iron CEO Publication, 2026. Home · Terms