← Back to home

Privacy Policy

Tera by Hashbranch, Inc. · Effective April 2, 2026 · Last updated April 2, 2026

1. Introduction

This Privacy Policy describes how Hashbranch, Inc. ("Hashbranch," "we," "us," or "our"), operating as Tera, collects, uses, and handles information in connection with our model inference API services ("Services"). Our Services provide large language model inference through API endpoints, primarily as a provider on the OpenRouter platform.

2. Information We Process

2.1 API Request Data

When you or a platform (such as OpenRouter) sends a request to our API, we process the following:

  • Request content: The prompts, messages, and parameters included in your API request.
  • Response content: The model-generated text returned by our Services.
  • Usage metadata: Token counts (prompt tokens, completion tokens), model name, request timestamps, and response latency.
  • Technical metadata: IP address, request headers, and API authentication tokens.

2.2 Account and Billing Information

If you interact with us directly (outside of OpenRouter), we may collect:

  • Name, email address, and company name.
  • Billing information processed through our payment provider (Stripe, under a dedicated Tera account). We do not store credit card numbers directly.

3. How We Use Information

We use information processed through our Services for the following purposes:

  • Providing the Services: Processing your API requests and returning model-generated responses.
  • Usage tracking and billing: Calculating token usage for billing purposes.
  • Service reliability: Monitoring uptime, latency, error rates, and system health.
  • Abuse prevention: Detecting and preventing unauthorized or abusive use of our API.
  • Service improvement: Analyzing aggregate usage patterns to improve capacity planning and performance.

4. What We Do NOT Do

  • We do not train models on your data. Request and response content is not used to train, fine-tune, or improve any machine learning models.
  • We do not sell your data. We do not sell, rent, or trade any information processed through our Services to third parties.
  • We do not profile users. We do not build user profiles or use request data for advertising purposes.

5. Data Retention

  • API request and response content: Retained in server logs for up to 30 days for debugging and abuse prevention, then automatically deleted.
  • Usage metadata (token counts, timestamps): Retained for billing and analytics purposes for up to 12 months.
  • Account information: Retained for as long as your account is active, or as required by law.

6. Data Sharing

We may share information in the following circumstances:

  • Platform partners: When you access our Services through OpenRouter, usage metadata (token counts, model name, latency) is shared with OpenRouter for their billing and routing purposes.
  • Infrastructure providers: Our Services run on Google Cloud Platform (GCP). GCP processes data as a sub-processor under their standard data processing terms.
  • Payment processing: Billing is handled by Stripe, which processes payment information under their own privacy policy.
  • Legal requirements: We may disclose information if required by law, legal process, or government request.

7. Data Location

All inference processing occurs in the United States (GCP us-central1 and us-east4 regions). Data may be processed in other US locations as we expand infrastructure.

8. Security

We implement reasonable technical and organizational measures to protect data processed through our Services, including:

  • API authentication via bearer tokens.
  • GPU compute infrastructure hosted in private VPC networks with no public internet exposure.
  • Encrypted data in transit (TLS).
  • Access controls and audit logging on infrastructure.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Request access to information we hold about you.
  • Request deletion of your data.
  • Object to or restrict certain processing activities.

To exercise these rights, contact us at the email address below.

10. Children's Privacy

Our Services are not directed to children under 13 (or the applicable age in your jurisdiction). We do not knowingly collect information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy at this URL with a revised "Last Updated" date. Material changes will be communicated through our API documentation or directly to platform partners.

12. Contact Us

For questions about this Privacy Policy or our data practices:

Hashbranch, Inc.
Email: privacy@hashbranch.com
Website: hashbranch.com