DOTPROX
Contact DOTPROX
Public policy document

Data Policy

This Data Policy explains how DOTPROX handles customer inputs, returned embeddings, logging, retention, and enterprise data options for the hosted bible-embed API. It is intended to be read alongside our Privacy Policy and Terms of Service, especially by developers and platforms evaluating distribution of the model.

Operator Burke Designs LLC
Last updated June 5, 2026
Contact contact@dotprox.com

Core commitment: by default, DOTPROX processes customer text to generate embeddings and return them to the caller. We do not use API inputs, outputs, or returned embeddings to train public or shared models unless a customer explicitly agrees in writing.

1. Scope

This Data Policy applies to the hosted bible-embed API and related support, onboarding, evaluation, and enterprise discussions. It focuses on operational service data rather than broader website privacy.

2. Data We Process for the API

  • Inputs: text or other content submitted for embedding generation.
  • Outputs: returned embedding vectors and related response payloads.
  • Request metadata: timestamps, model identifiers, token counts, latency, HTTP status, and account or authentication metadata.
  • Security metadata: IP address, rate-limit events, abuse signals, and access logs.

3. Ownership and Use of Customer Data

You retain whatever rights you hold in your inputs. As between you and DOTPROX, we do not claim ownership of the embedding vectors returned to you. We process customer data only as reasonably necessary to:

  • Generate embeddings and return the API response.
  • Operate, secure, monitor, and support the service.
  • Prevent abuse, investigate incidents, and reconcile usage or billing.
  • Comply with legal obligations and enforce our policies.

If you submit personal data, confidential data, or data relating to end users, you are responsible for providing notices, obtaining consents, and establishing any required lawful basis for collection, transfer, processing, and use.

4. Model Training and Improvement

DOTPROX does not use hosted API inputs, outputs, or embeddings to train public, shared, or third-party models by default.

We may use aggregate metrics, de-identified telemetry, and abuse or quality signals to improve infrastructure, service reliability, request handling, pricing, or support workflows. That does not change the no-training default for customer API content.

5. Standard Hosted API Retention

Our default hosted API handling is designed to minimize persistent storage while still allowing us to operate a production service.

  • API inputs and outputs are processed transiently to fulfill the request.
  • Limited request content, embeddings, and diagnostic data may be retained in logs for up to 30 days for security, debugging, billing reconciliation, and abuse prevention.
  • We do not offer managed customer vector storage as part of bible-embed unless we separately describe that feature to you.
  • Account, billing, and support records may be retained longer as needed for business and legal purposes.
  • We may retain data longer than the standard periods above where reasonably necessary to investigate misuse, enforce our policies, protect the service, or comply with law.

Customers are responsible for their own storage, backups, and downstream handling of inputs, embeddings, and outputs after a response is returned.

6. Human Access to Customer Data

Access to customer data is limited to personnel or service providers who need it for support, security review, incident response, legal compliance, or billing operations. We aim to keep access narrow and role-based.

DOTPROX may use automated systems, filters, classifiers, and related review processes to detect abuse, enforce policies, triage incidents, and protect the service and its users.

7. Third-Party Platforms and Infrastructure

If you access bible-embed through a third-party platform such as OpenRouter, that platform may receive your request before it reaches DOTPROX. Their own terms, retention rules, logging practices, and subprocessors may apply in addition to ours.

DOTPROX may also use infrastructure, hosting, networking, observability, billing, and support vendors to run the service. Those providers may process customer data only as needed to provide services to us.

8. Enterprise and Self-Hosted Options

Enterprise customers may request alternative handling arrangements, including private deployment discussions, scoped retention terms, or self-hosting evaluation. Any such terms must be agreed in writing and may differ from this public baseline.

Separate written agreements, including enterprise agreements or data processing addenda, control over this public policy to the extent of any conflict.

9. Sensitive Data and Regulated Use

Do not send personal, confidential, or regulated data to bible-embed unless you have determined that the hosted service is appropriate for your use case, your disclosures and permissions are adequate, and any required contractual protections are in place.

Unless we expressly agree otherwise in writing, DOTPROX does not promise that the public hosted API is suitable for regulated workloads, formal data residency commitments, or sector-specific compliance requirements.

Unless we expressly agree otherwise in writing, DOTPROX also does not make public commitments regarding regional processing restrictions, dedicated infrastructure, or zero-data-retention configurations for the hosted API.

10. Security Measures

We use reasonable technical and organizational safeguards to protect customer data, including access controls, operational monitoring, and security review practices appropriate to the size and nature of the service. No security program can eliminate all risk.

11. Changes and Contact

We may update this Data Policy as our product, infrastructure, or legal obligations change. Updated versions will be posted on this page with a revised “Last updated” date.

Questions about data handling, enterprise privacy reviews, or self-hosted options can be sent to contact@dotprox.com.