Fair-price.ai

Privacy Policy

Last updated: 25 May 2026

Fair-price.ai ("we", "us") is committed to protecting your personal data. This policy explains what data we collect, how we use it, and your rights under UK GDPR.

1. Data We Collect

  • Account data: name, email address, hashed password;
  • Authentication: Google OAuth tokens (if you sign in with Google);
  • Payment data: transaction amounts and status. Card details are handled exclusively by Stripe, Inc. — we never store card numbers. Cryptocurrency transactions are handled by CoinPayments, Inc.;
  • Usage data: API request logs including model used, token counts, timestamps, and associated API key ID;
  • Security data: encrypted TOTP secret if you enable two-factor authentication;
  • Technical data: IP address, user agent (in server logs).

2. How We Use Your Data

  • To provide and operate the Service;
  • To process payments and maintain account balances;
  • To send transactional emails (account verification, password reset);
  • To detect fraud and enforce these Terms;
  • To comply with legal obligations.

3. Legal Basis (UK GDPR)

We process your data on the following bases:

  • Contract: processing necessary to provide the Service you purchased;
  • Legitimate interests: security, fraud prevention, service improvement;
  • Legal obligation: compliance with applicable law.

4. Third-Party Services

We share data with the following sub-processors:

  • Stripe, Inc. — card payment processing;
  • CoinPayments, Inc. — cryptocurrency payment processing;
  • Google LLC — OAuth sign-in;
  • Resend, Inc. — transactional email delivery;
  • Hetzner Online GmbH — cloud hosting (EU);
  • Neon, Inc. — database hosting;
  • BetterStack, Inc. — uptime monitoring and log storage.

Each sub-processor is contractually bound to protect your data and process it only as instructed.

5. Data Retention

Account data is retained for as long as your account is active. Usage logs are retained for 12 months. Payment records are retained for 7 years as required by UK tax law. Deleted accounts are purged within 30 days except where retention is legally required.

6. Cookies

We use only essential session cookies required for authentication. We do not use advertising or tracking cookies.

7. Your Rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate data;
  • Request deletion of your data ("right to be forgotten");
  • Request restriction or portability of your data;
  • Object to processing based on legitimate interests.

To exercise any of these rights, contact us at contact@fair-price.ai. We will respond within 30 days.

8. International Transfers

Some sub-processors are based outside the UK/EEA. Where data is transferred internationally, we ensure appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions).

9. Security

We use industry-standard measures including bcrypt password hashing, AES-256 encryption for sensitive secrets, HTTPS for all connections, and role-based access controls.

10. Changes to This Policy

We may update this policy periodically. We will notify you of material changes by email. Continued use of the Service constitutes acceptance of the updated policy.

11. Contact

Data protection enquiries: contact@fair-price.ai