Privacy Policy

Last updated: April 4, 2026

What Veil Does

Veil is a proxy that sits between your application and LLM providers. It redacts personally identifiable information (PII) from your requests before forwarding them to the LLM, and restores PII in the response.

Data We Process

When you use the Veil API, your request passes through our servers. Here's exactly what happens:

• Request content: Your messages are analyzed for PII, redacted, and forwarded to the upstream LLM provider. The redacted version (with PII replaced by tokens) is what leaves our servers. We do not store your message content.
• PII mapping: The mapping between tokens and original PII values exists only in memory for the duration of the request. It is never written to disk, never logged, and is garbage-collected after the response is returned.
• Metadata we store: Timestamp, entity count, entity types (e.g., "PERSON", "EMAIL_ADDRESS" — not the actual values), model name, and token counts. This is for usage tracking and billing.

Data We Store

• Email address: Used for account creation. Stored in our database.
• API key: Stored hashed for validation.
• Usage data: Request counts, entity type counts, timestamps. No message content.
• Stripe customer ID: For billing. Payment details are handled entirely by Stripe.

Data We Never Store

• Your message content (prompts, conversations)
• The actual PII values detected (names, emails, SSNs, etc.)
• The PII-to-token mapping
• LLM responses
• Your upstream API keys

Third Parties

Your redacted (PII-stripped) messages are forwarded to the LLM provider you specify (OpenAI, Anthropic, etc.). The original PII never reaches them — only the redacted tokens do. We use Stripe for payment processing. We do not use analytics, tracking pixels, or advertising services.

Data Retention

Usage metadata (timestamps, entity counts) is retained for billing purposes. You can request deletion of your account and all associated data by emailing us.

GDPR

Veil helps you comply with GDPR by ensuring personal data is redacted before reaching third-party LLM providers. For the data we process (email, usage metadata), we act as a data processor. We process data on servers in the United States (Google Cloud, us-central1). For a Data Processing Agreement (DPA), contact us.

Security

All data in transit is encrypted via TLS. API keys are hashed at rest, self-serve signups require email verification, and the redaction engine runs locally on our servers — no PII is sent to external detection services. The codebase has undergone 12 security audit passes.

Contact

For privacy questions, data deletion requests, or DPA inquiries: therekishianime@gmail.com