No training on customer data
The product promise is service-level, not vague model mythology. Customer inputs should not become future training material.
Privacy
Private means operationally private.
Customer trust has to map to a real system boundary: domestic serving, no training on customer data, body logging disabled by default, and explicit retention behavior.
Text inference$0.25 / 1M input
Tool calls$0.015 / call
Image generation$0.08 / image
Privacy
Private by implementation, not just by policy.
No training on customer data. Body logging disabled by default. Domestic routing for paid private traffic.
Prompt and response bodies off by default
Operational metadata is retained for reliability and billing. Body logging is debug-only, explicit, and temporary.
Domestic paid routing
Paid private traffic stays on approved US-hosted infrastructure. If no eligible region is healthy, the system fails closed.
System map
Privacy has to map to a request path.
Edge
Cloudflare handles WAF, rate limiting, and bot checks before the request reaches the product control plane.
Control plane
Toolkit resolves the account, plan, rolling limits, metered usage, and the allowed model route without default body retention.
Inference
Domestic vLLM pools on Runpod serve the request, using the backbone plus the correct adapter and region class.
Audit trail
Only operational metadata, usage, and billing records persist by default. Debug body logging is opt-in and expiring.
tk_
Stop paying premium prices for generic output.
Run your prompt against the benchmark wall, compare the output, and switch when the evidence is obvious.