Privacy Policy
Last updated · 25 May 2026 · Version 2.0
1. Scope
This Privacy Policy describes how Aperture (Singapore UEN 202012591W) collects, uses, and protects user data in connection with the Service at aperture-ai.run.
2. Data We Collect
- Account data: email address, hashed password, account creation timestamp.
- Usage data: timestamps and metadata of API requests, token counts, and selected model — recorded for billing reconciliation and fraud detection.
- Payment data: Aperture does not store credit card numbers. All payment processing is performed by Stripe Inc. Aperture retains only the Stripe transaction reference required for refund and dispute resolution.
- Conversation content: chat, image, and video prompts are forwarded to the selected upstream AI provider for execution. Aperture does not store the content of these requests beyond what is necessary for the duration of the request.
3. How We Use Data
- To provide and operate the Service.
- To bill correctly and process refunds.
- To detect and prevent fraud and abuse.
- To respond to user inquiries.
Aperture does not sell user data. Aperture does not use user prompts to train models.
4. Data Sharing
- Upstream AI providers (OpenAI, Anthropic, Google, DeepSeek) receive the content of user requests for the sole purpose of returning a response. Each provider operates under its own published data-use policy.
- Stripe Inc. processes payment information under its own privacy policy.
- Aperture may disclose data when required by lawful order issued under Singapore law.
5. Data Retention
Account records are retained for the lifetime of the account. Upon account closure, personally identifiable account data is deleted within 30 days, except where retention is required by law or to resolve outstanding refunds.
6. Security
Account passwords are hashed using industry-standard algorithms. API keys are issued per account and may be rotated at any time from /account.html. All data in transit is encrypted via TLS.
7. International Transfer
The Service is hosted in Singapore. Users outside Singapore acknowledge that their data may be transferred to and processed in Singapore in connection with the Service.
8. User Rights
Users may at any time:
- Access account data via /account.html.
- Request deletion of account data by emailing [email protected].
- Export their account ledger as JSON by emailing [email protected].
9. Amendments
This Policy may be amended. Material changes will be communicated to registered users by email.
10. Contact
[email protected] · Singapore UEN 202012591W