Privacy policy
Last updated: March 20, 2025
What cn2.ai does
cn2.ai is an API key marketplace. Sellers list spare API capacity. Buyers access APIs through cn2.ai proxy endpoints, paying per request via the Machine Payments Protocol (MPP). This policy explains what data we collect, how we use it, and your rights.
What we collect
Sellers (account holders)
- Email address and optional display name (for account and login)
- GitHub account ID (if using GitHub OAuth)
- API keys you submit (encrypted with AES-256-GCM before storage — we never store or access plaintext keys)
- Key configuration: provider, pricing, rate limits, route restrictions, region tag
- Payout preferences: payout method, wallet address or bank details (for earning withdrawals)
- KYC verification data: submitted to and processed by our identity verification partner (Persona), not stored by cn2.ai beyond verification status and timestamp
- Webhook endpoint URLs
Buyers (API consumers)
- No account is required. Anonymous access works natively via MPP.
- We derive a hashed buyer identifier from your MPP payment principal (SHA-256). We never store your raw payment identity.
- IP-based country code (from Cloudflare's CF-IPCountry header) — used solely for EU routing. We do not store IP addresses.
- If you create an optional account: email address and spend history.
All requests (proxied traffic)
- Request metadata: provider, route, HTTP method, timestamp, latency, response status code, payment amount
- We do not log, store, or inspect request or response bodies. Your prompts, data, and API responses pass through the proxy without being recorded.
- Request metadata is retained for 30 days (raw) and 1 year (aggregated) for analytics and dispute resolution.
How we use your data
- Route requests to the correct seller key based on provider, region, and pool tier
- Process payments and credit seller earnings
- Enforce rate limits, budget caps, and route restrictions
- Monitor key health and notify sellers of errors
- Detect and resolve billing disputes
- Generate aggregated marketplace statistics (key counts, price ranges, uptime — no individual data exposed)
- Comply with legal obligations
We do not sell your data. We do not use your data for advertising. We do not train AI models on your data.
EU routing and GDPR
Buyers in EU member states are automatically routed to EU-tagged seller keys only. This routing is determined by the country code provided by Cloudflare at the network edge — cn2.ai does not perform its own IP geolocation or store IP addresses.
Sellers who tag their keys with the EU region ensure that buyer request data processed through those keys stays within EU jurisdiction, as determined by the upstream API provider's infrastructure.
cn2.ai acts as a data processor for proxied API traffic. The data controller is the buyer (or the buyer's organization) who initiates the request.
Encryption and security
- All seller API keys are encrypted with AES-256-GCM before leaving the browser. cn2.ai servers never see plaintext keys.
- Decryption occurs only at the Cloudflare Worker edge, in memory, for the duration of a single request.
- Vault encryption keys are stored as Cloudflare Worker secrets, inaccessible to application code outside the Worker runtime.
- All connections require TLS 1.2 or later.
- Payment credentials use single-use cryptographic proofs (replay protection).
- Buyer identifiers are SHA-256 hashed — we cannot reverse them to identify individual buyers.
Third-party services
We use the following third-party services to operate cn2.ai:
| Service | Purpose | Data shared |
|---|---|---|
| Cloudflare | Edge routing, KV storage, Workers | Request metadata, encrypted keys (in KV) |
| Supabase | Database, authentication | Seller accounts, key configs, earnings |
| Vercel | Web app hosting | Page requests (no API traffic) |
| Stripe | Card payments, seller payouts | Payment amounts, Stripe account IDs |
| Tempo | USDC stablecoin payments | Payment amounts, wallet addresses |
| Tinybird | Request metrics and analytics | Anonymized request metadata |
| Persona | Identity verification (KYC) | Name, government ID (processed by Persona, not stored by cn2.ai) |
Data retention
| Data | Retention |
|---|---|
| Raw request metadata | 30 days |
| Aggregated analytics | 1 year |
| Seller account data | Until account deletion |
| Encrypted API keys | Until key is removed by seller |
| Earnings records | 7 years (financial compliance) |
| Buyer spend tracking (KV) | 90 days |
Your rights
Depending on your jurisdiction, you may have the right to:
- Access — request a copy of the data we hold about you
- Correction — correct inaccurate data
- Deletion — delete your account and associated data (sellers can delete keys and close accounts from the dashboard)
- Portability — export your earnings and key configuration data
- Objection — object to specific data processing activities
For buyers using cn2.ai anonymously via MPP: we hold only a hashed identifier and request metadata. We cannot identify you from this data. If you created an optional buyer account, you can delete it and all associated data.
Cookies
cn2.ai uses only essential cookies for authentication session management. We do not use tracking cookies, analytics cookies, or advertising cookies.
Children
cn2.ai is not directed at children under 18. We do not knowingly collect data from minors.
Changes to this policy
We may update this policy as our practices evolve. Material changes will be communicated via email to registered sellers and posted on this page with an updated date.
Contact
For privacy questions, data requests, or concerns:
privacy@cn2.ai