Privacy and Data Handling Overview
OneAI is designed to make model routing, usage, and operational ownership visible for production AI customers.
Account data
OneAI may store user email, organization membership, API key metadata, billing state, and usage events to provide the console and API service.
Request data
OneAI may process request payloads, outputs, model metadata, token usage, latency, errors, and Agent OS execution records for service delivery and support.
Secrets
Customer API keys are stored as hashes. Upstream provider keys are server-side infrastructure secrets and are not returned to customers.
Operational logs
Logs support abuse prevention, billing, debugging, reliability, and customer support.
Customer requests
Customers may request support for account review, billing records, data export, or deletion according to plan and legal requirements.
How customers reduce data risk
Send only the content needed for the selected task or model call.
Use explicit provider/model selection or allowlists when your data policy requires a specific routing path.
Use different API keys for production, staging, and testing.
Monitor request history, cost, failed requests, Agent OS proof, and audit events from the console.
Ask for export, deletion, contract, DPA, invoice, or enterprise data handling review when needed.