Twinkle Hub
Legal

Privacy Policy

We collect the minimum needed to run the service, bill correctly, and prevent abuse. Below: what we collect, why, and who sees it.

Last updated: 2026-05-05
Alpha-stage terms. Material changes will be emailed and the 'Last updated' date will be revised here.

What we collect

When you sign up or use the service we collect:

  • OAuth profile: email, name, avatar URL (from Google / GitHub).
  • API usage records: per-request timestamp, tool name, cost, response size. Stored on the LiteLLM backend.
  • Payment data: handled by NewebPay once card top-up launches; we keep only the trade reference, amount, status — never raw card numbers.
  • Technical metadata: IP (short-lived log, rotated within 30 days), user-agent.

What we use it for

  • Running the service (auth, key issuance, billing, support)
  • Abuse prevention (rate limiting, anomaly detection)
  • Product improvement (aggregate stats, never re-identifying individuals)
  • Compliance (e-invoicing, tax)

Who we share with

As little as possible. Necessary parties:

  • LiteLLM Proxy (cloud-hosted): hosts the API key store and spend tracking.
  • NewebPay (card processor): card top-ups in M3b.
  • Google Cloud Platform: infrastructure (Cloud Run, Cloud SQL, Secret Manager) in asia-east1 (Changhua, Taiwan).
  • OpenData / each source: your query content is forwarded to the downstream source; their license terms apply independently.
  • Legal compulsion: court / government request with valid legal basis.

Cookies

  • __Secure-authjs.session-token: login session (HttpOnly, Secure, SameSite=Lax). Cleared on logout.
  • NEXT_LOCALE: language preference (zh-TW / en). 1-year expiry.
  • OAuth callback state: short-lived during sign-in flow, 5-minute expiry.

We do **not** use analytics or advertising cookies.

Your rights

  • Access: see your data at /account.
  • Correction: name comes from the OAuth provider — change it at Google / GitHub.
  • Deletion: email us, processed within 72 hours (data, API key, payment records purged; tax-relevant invoice data retained 5 years per law).
  • Export: email us for a JSON dump.

Retention

  • Account data: until you delete.
  • API usage logs: per-request detail kept 12 months, then aggregated.
  • Payment / invoice: 5 years per Taiwan tax law.
  • IP log: rotated every 30 days.

Cross-border transfers

Service hosted on GCP asia-east1 (Changhua, Taiwan). OAuth auth flows through Google / GitHub global nodes. NewebPay (post-M3b) is in Taiwan.