Privacy Policy

Last updated: May 1, 2026

This Privacy Policy describes how Ozekai LLC ("Company," "we," "us," "our"), a limited liability company registered in the State of New York, United States, collects, uses, discloses, and protects your information when you use our GPU compute platform, website, API, dashboard, access tooling, and all related services (collectively, the "Services").

Our principal address is 1755 Broadway FRONT 3 #1142, New York, NY 10019, United States.

By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, you must discontinue use of the Services.

1. Information We Collect

Account information:

• Username, email address, and hashed password (we never store plaintext passwords).
• Plan selection and account creation date.

Payment information:

• Payment processing is handled entirely by Stripe. We do not store your credit card number, CVC, or full billing address on our servers.
• We store your Stripe customer ID, subscription ID, and subscription item identifiers to manage your billing relationship. We do not store payment card details.
• Stripe may collect additional information as described in their privacy policy, including payment card details, billing address, and transaction history.

Usage data:

• Session start/end times, duration, and associated GPU plan.
• Compute usage metrics (GPU utilization, VRAM usage) for billing calculation and resource management.
• Storage usage (disk allocation) for session tracking.
• Dashboard and API actions such as session launch, status checks, and termination.

Technical data:

• Server logs including IP addresses, request timestamps, user agent strings, and API endpoints accessed.
• Container metadata (container IDs, port assignments, resource allocation).
• Error logs and diagnostic information for troubleshooting.

2. How We Use Your Information

• Provide the Services: Authenticate you, provision GPU instances, manage your workspace, and deliver the functionality you expect.
• Billing: Track usage accurately and generate invoices via Stripe.
• Communication: Send account-related emails (verification, password reset, billing notifications). We do not send marketing emails.
• Security and abuse prevention: Detect and prevent unauthorized access, fraud, abuse, and violations of our Terms of Service.
• Service improvement: Analyze aggregate, anonymized usage patterns to improve performance and reliability. We never analyze individual workspace content.
• Legal compliance: Comply with applicable laws, regulations, and legal processes.

3. What We Do NOT Do

• We do not access, read, or analyze the content of your workspace (your code, data, or models).
• We do not sell, rent, or share your personal information with third parties for marketing or advertising purposes.
• We do not use your data to train AI/ML models.
• We do not track you across other websites.
• We do not use third-party tracking cookies or analytics services (e.g., Google Analytics).

4. Data Sharing and Disclosure

We share your information only in these limited circumstances:

• Stripe (payment processor): Your email address, customer ID, and usage data are shared with Stripe for payment processing and invoicing. See Stripe's Privacy Policy.
• Legal compliance: When required by law, subpoena, court order, or governmental request.
• Safety and rights protection: To protect the rights, property, or safety of Ozekai LLC, our users, or the public.
• Law enforcement cooperation: We may voluntarily disclose your information (including account details, IP addresses, usage data, and container contents) to law enforcement agencies when we have a good-faith belief that doing so is necessary to prevent or investigate violations of law, protect the Services or other users, or enforce our Terms of Service. Such disclosure may occur without prior notice to you.
• Business transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

We do not share your information with any other third parties.

5. Data Security

• Passwords are hashed using bcrypt and never stored in plaintext.
• All connections are encrypted via TLS (HTTPS).
• API authentication uses JWT tokens with expiration.
• API endpoints are protected by rate limiting to prevent abuse.
• Each user's GPU container is isolated from other users. Although the platform uses shared physical infrastructure, each user operates within a separate, sandboxed container with its own filesystem, process namespace, and network stack. Users cannot access other users' containers, workspaces, or data.
• Infrastructure is protected by Cloudflare (DDoS protection, no exposed inbound ports).
• We follow security best practices for infrastructure and application security, including privilege dropping, read-only security volumes, and process isolation.

While we take reasonable measures to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. The use of shared physical infrastructure is standard industry practice for managed compute platforms and does not diminish the isolation of your individual environment. We are not liable for unauthorized access to or loss of your data resulting from security breaches, vulnerabilities, or events beyond our reasonable control.

6. Data Retention

• Account data: Retained as long as your account is active. Deleted upon account closure request, subject to legal retention requirements.
• Workspace data: Retained only while the associated VM exists. When a VM is terminated, all workspace data is permanently and immediately deleted. We do not retain copies of workspace data after termination. We may delete workspace data associated with inactive or suspended accounts at any time without notice.
• Usage and billing logs: Retained for 12 months for billing reconciliation and dispute resolution.
• Server access logs (including IP addresses): Retained for 90 days.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate personal information.
• Deletion: Request deletion of your account and associated personal data.
• Data portability: Download your workspace data at any time while connected to your GPU instance.
• Objection: Object to processing of your personal information in certain circumstances.

To exercise any of these rights, contact us at [email protected]. We will respond to requests within 30 days.

8. Cookies and Local Storage

We use localStorage in your browser to store your authentication token and username for session management. We use sessionStorage for temporary data during checkout flows.

We do not use HTTP cookies for tracking. We do not use any third-party tracking cookies, analytics cookies, or advertising cookies.

For more details, see our Cookie Policy.

9. International Data Transfers

The Services are hosted in the United States and Canada. Account data, billing data, and platform infrastructure are hosted on servers located in the United States. GPU compute workloads and workspace data are processed on servers located in Canada. If you access the Services from outside the United States or Canada, you consent to having your data transferred to and processed in the United States and Canada. Data protection laws in the United States and Canada may differ from those in your jurisdiction.

10. Children's Privacy

The Services are not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will delete that information promptly.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
• Right to Opt-Out of Sale: We do not sell your personal information to third parties. No opt-out is necessary.
• Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To exercise these rights, contact us at [email protected].

12. European Data Protection (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal bases for processing your personal information include: (a) performance of a contract (providing the Services you signed up for); (b) legitimate interest (security, fraud prevention, service improvement); and (c) your consent (where applicable). You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes take effect when posted with an updated "Last updated" date at the top of this page. Material changes will be communicated via email or a notice on the Services. Continued use of the Services after changes take effect constitutes acceptance of the updated Privacy Policy.

14. Contact Us

Questions or concerns about this Privacy Policy? Contact us at:

Ozekai LLC
1755 Broadway FRONT 3 #1142
New York, NY 10019
United States
[email protected]