Data Handling
Data minimization is a core design principle at Chuizi.AI. The Gateway does not persist any user message content. It only records the usage metadata necessary for billing and monitoring.
Message Content: Zero Storage
During request forwarding, the Gateway does not save, log, or cache your prompts or model responses. Message content exists only briefly in memory for stream forwarding and is released immediately after the request completes.
This means:
- Your prompts never appear in our database
- Model responses are not persisted
- When you query the
/v1/generationendpoint, you only see metadata, never message content
Metadata We Record
After each API request completes, we record the following metadata:
| Field | Type | Description |
|---|---|---|
id | string | Unique request identifier (gen- prefix) |
user_id | uuid | Owning user |
api_key_id | uuid | API key used |
model | string | Requested model name |
provider | string | Upstream provider |
input_tokens | integer | Input token count |
output_tokens | integer | Output token count |
cached_tokens | integer | Cache-hit token count |
reasoning_tokens | integer | Reasoning token count |
cost | decimal | Cost of this request |
latency_ms | integer | Response latency in milliseconds |
status_code | integer | HTTP status code |
error_type | string | Error type, if any |
created_at | timestamp | Request timestamp |
There are no prompt, messages, response, or any message content fields in this data.
API Key Security
API keys are stored using irreversible encryption:
- The database stores only a securely encrypted hash of each key
- The key prefix (
ck-xxxx) is stored separately for identification in the Dashboard - The full key is shown exactly once at creation and cannot be recovered afterward
- If you lose a key, you must deactivate the old one and create a new one
Cache Policy
Temporary cached data is limited to:
- Key mapping: API key verification data (speeds up authentication)
- Rate limit counters: Request rate tracking (RPM/TPM)
- Balance freezes: Pre-deducted amounts for in-flight requests
The cache layer does not store any message content.
Server-Side Logs
Server request logs include the following for troubleshooting:
- Request ID
- Timestamp, HTTP method, path
- Model name, status code, latency
- Error details, if any
Logs do not include request bodies or response bodies.
Encryption in Transit
All communication uses HTTPS encryption (TLS 1.2+):
- User to Cloudflare CDN: TLS encrypted
- Cloudflare to Chuizi.AI Gateway: TLS encrypted
- Gateway to upstream provider: TLS encrypted
Your data remains encrypted throughout the entire transit path. For details on where your requests are processed geographically, see Data Regions.
Next Steps
- Data Regions — Understand which data centers process your requests
- Privacy Policy — Full privacy commitment and your data rights
- API Key Best Practices — Keep your credentials secure