This Data Privacy Policy ("Policy") explains how Singularity Compute ("Singularity Compute", "we", "us", "our") processes customer-submitted content - specifically prompts and completions - when providing AI model inference via an OpenAI-compatible API (the "Service"). This Policy is intended to be read alongside any applicable Terms of Service, Data Processing Addendum, or commercial agreement between you and Singularity Compute (collectively, the "Agreement").

If there is a conflict between this Policy and the Agreement, the Agreement controls to the extent of the conflict. A Data Processing Addendum is available upon request and governs the processing of Personal Data by Singularity Compute on behalf of the Customer.

1. Definitions

• 1.1 “Customer” means the entity or individual that creates an account or otherwise uses the Service.
• 1.2 “Customer Content” means (a) Prompts, (b) Completions, and (c) any other content transmitted to or from the Service as part of an inference request/response.
• 1.3 “Prompt” means text, images, audio, or other input data submitted to the Service in an API request.
• 1.4 “Completion” means output generated by the model and returned by the Service in response to a Prompt.
• 1.5 “Operational Data” means technical and usage data generated by the operation of the Service, such as timestamps, request identifiers, error logs, latency metrics, token counts, and similar telemetry.
• 1.6 “Personal Data” means any information relating to an identified or identifiable individual, as defined under applicable privacy law.
• 1.7 “Processing” has the meaning given under applicable privacy law and includes collecting, storing, using, and deleting data.

2. Roles and Responsibilities

• 2.1 Customer as Controller (Typical Case). Where the Customer submits Customer Content to the Service, the Customer generally determines the purposes and means of processing that content. In such cases, the Customer acts as the data controller (or equivalent) and Singularity Compute acts as a processor/service provider processing Customer Content solely to provide and secure the Service.
• 2.2 No End-User Identification by Singularity Compute. We design the Service so that Customer Content is processed as transient inference input/output and is not used by us to identify individuals. We do not require end-user identity information to provide the Service.
• 2.3 Customer Obligations. The Customer is responsible for: (a) ensuring they have the rights and lawful basis to submit Customer Content; (b) configuring their applications to avoid sending unnecessary Personal Data; and (c) complying with applicable laws and any contractual duties they owe to end users.
• 2.4 Singularity Compute as Processor. Singularity Compute acts as a data processor or service provider, as defined under applicable data protection laws, when processing Customer Content on behalf of the Customer and only in accordance with the Customer instructions and the Agreement.

3. What We Collect

• 3.1 Customer Content. When you use the Service, we process and (as described below) temporarily store: (a) Prompts submitted to the Service; and (b) Completions returned by the Service.
• 3.2 Operational Data. We also collect Operational Data, which may include: request/response timestamps; request identifiers; endpoint and model identifiers; approximate token usage and performance metrics (for example, latency); error reports and system logs related to service reliability; and authentication and account-level identifiers necessary to authorize requests (for example, an API key identifier, not your secret key itself).

4. Purpose Limitation: Why We Process Prompts and Completions

• 4.1 Maintenance and Observability Only. We log and store Prompts and Completions only for maintenance and observability purposes to ensure the Service is robust, stable, secure, and performs well. This includes diagnosing and fixing service errors, incident response and service restoration, performance monitoring (latency, throughput, error rates), detecting abuse and security threats, and verifying correct API behavior and compatibility.
• 4.2 No Secondary Use. We do not process Customer Content for advertising, marketing profiling, or any purpose unrelated to operating and protecting the Service.

5. Retention: 7-Day Storage Window

• 5.1 Prompt/Completion Retention. We log and store Prompts and Completions for up to seven (7) days from the time of processing.
• 5.2 Deletion After 7 Days. After the 7-day period, Prompt and Completion log data is deleted in the ordinary course of operations.
• 5.3 Operational Data Retention. Operational Data may be retained longer than 7 days where needed for service reliability, security auditing, billing reconciliation, or compliance; however, we aim to retain it only as long as necessary and proportionate.

6. No Training Use

• 6.1 No Model Training on Your Data. We do not use Prompts or Completions to train models.
• 6.2 No Fine-Tuning or Dataset Creation. We do not fine-tune models on Customer Content, build training datasets from Customer Content, or use Customer Content to modify model weights.
• 6.3 Service Quality Improvements Without Training. We may improve the Service using Operational Data and aggregated or anonymized metrics (for example, error rates and latency distributions), but not by training on your Prompts or Completions.

7. Non-Identification of Users as Individuals

• 7.1 Design Intent. The Service is designed so that Prompts and Completions are not used to identify any user as an individual.
• 7.2 No Identity Profiling. We do not attempt to determine the identity of any person from Customer Content, nor do we build user profiles based on Prompts or Completions.
• 7.3 Customer Guidance. Customers should ensure that Prompts do not include information that directly identifies individuals (for example, names, email addresses, phone numbers, home addresses, or government identifiers) unless strictly necessary for the Customer’s lawful use case.

8. Sharing and Disclosure

• 8.1 No Sharing With Third Parties for Their Own Use. We do not sell, rent, or share Customer Content with any third-party company for that third party’s independent purposes.
• 8.2 Service Providers. To provide the Service, we may rely on service providers that process data on our behalf (for example, hosting or secure log storage). Where a service provider processes Customer Content, it is contractually restricted to process data only under our instructions, maintain confidentiality and appropriate security, and not use Customer Content for training, product improvement, marketing, or other independent purposes.
• 8.3 Legal Compulsion. We may disclose information if required by applicable law or valid legal process. Where permitted, we will use reasonable efforts to notify the Customer of such requests. Any disclosure under this section is limited to the minimum information required by applicable law or valid legal process.

9. Security Measures

• 9.1 Security Program. We maintain administrative, technical, and organizational safeguards designed to protect Customer Content and Operational Data against unauthorized access, alteration, disclosure, or destruction.
• 9.2 Access Controls. Access to Prompt/Completion logs is restricted to authorized personnel with a legitimate need for maintenance, observability, security, and incident response..
• 9.3 Security Monitoring. We monitor systems for abuse and anomalous behavior and may take measures to protect the Service and Customers.
• 9.4 No Guarantee. No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we work to maintain safeguards appropriate to the risk.

10. International Transfers

• 10.1 Cross-Border Processing. Depending on where the Service is hosted and accessed, data may be processed in jurisdictions outside the Customer’s country.
• 10.2 Transfer Safeguards. Where required by applicable law, cross border transfers of Personal Data are subject to appropriate safeguards, such as standard contractual clauses or equivalent legal transfer mechanisms, and are implemented only to the extent necessary to provide the Service.

11. Customer Rights and Requests

• 11.1 Requests Regarding Customer Content. Because we typically act as a processor, requests to exercise data subject rights (access, deletion, and similar rights) should generally be directed to the Customer (the controller). If you are a Customer and need assistance relating to data in our systems, contact us using the details in Section 13.
• 11.2 Deletion and Retention. Prompt/Completion logs are retained for up to 7 days as described above. Where technically feasible and consistent with our security obligations, we will support reasonable Customer requests related to Customer Content.

12. Sensitive and Prohibited Data Guidance

• 12.1 Avoid Sensitive Personal Data. Customers should not submit sensitive categories of Personal Data unless strictly necessary and lawfully permitted (for example, health information, biometrics, precise location data, or financial account credentials).
• 12.2 Confidential Information. Customers should avoid submitting confidential information unless they have appropriate authorization and safeguards in place.
• 12.3 Customer Responsibility. If a Customer submits sensitive or prohibited Personal Data contrary to this guidance, the Customer remains solely responsible for such data and for ensuring a lawful basis for its processing.

13. Contact

Questions about this Policy or our processing practices should be sent to: privacy@singularitycompute.com

14. Changes to This Policy

We may update this Policy from time to time. The Effective Date at the top indicates when the latest version took effect. Material changes will be posted on this page.

Short Summary (Informational Only; Not Contractual)

• We log and store prompts and completions for 7 days to keep the platform reliable and observable.
• We do not use your data for training or fine-tuning.
• We do not share prompt/completion content with third parties for their independent use.
• We do not use prompts to identify users as individuals.
• Logging exists only for maintenance, security, and performance of the Service.