Legal & Terms

By accessing or using LLM Sanitizer ("the Service"), you agree to be bound by these Terms of Service. The Service is provided by LLM Sanitizer, Inc. and is intended for use by businesses and developers who integrate large language models into their applications.

You are responsible for maintaining the confidentiality of your API keys and for all activities that occur under your account. You agree not to use the Service for any unlawful purpose or in any way that could damage, disable, or impair the Service.

We reserve the right to modify or discontinue the Service at any time, with or without notice. We shall not be liable to you or any third party for any modification, suspension, or discontinuance of the Service. Your continued use of the Service following any changes constitutes acceptance of those changes.

LLM Sanitizer collects only the minimum data necessary to provide the Service. This includes account information (email, name), usage metrics, and API request metadata. We do not store the content of sanitized prompts beyond the duration needed for real-time processing unless you explicitly enable logging.

We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share anonymized, aggregated data for analytics and service improvement. You may request deletion of your data at any time by contacting our support team.

We use industry-standard security measures, including encryption in transit (TLS, enforced by our hosting infrastructure) and hashing of sensitive credentials (bcrypt for API keys). Prompt content is not stored. For enterprise customers, additional data residency and compliance options are available.

LLM Sanitizer acts as a data processor on behalf of our customers (data controllers). Prompts submitted through the Service are analyzed in real time for threats, PII, and policy violations. Analysis results are returned immediately, and prompt content is not retained after processing unless explicitly configured.

For customers subject to GDPR, CCPA, or other data protection regulations, we offer Data Processing Agreements (DPAs) upon request. Our infrastructure is hosted in SOC 2 Type II certified data centers with options for EU, US, and APAC regions.

Under GDPR, CCPA, and similar regulations, you have the following rights which we support via our API:

• Right to Access (GDPR Art. 15): Export all your data via GET /api/v1/user/data
• Right to Erasure (GDPR Art. 17): Delete all your data via DELETE /api/v1/user/data
• Right to Portability (GDPR Art. 20): Data export returns machine-readable JSON
• Right to Rectification: Update your account information via the dashboard or API

All data access and deletion actions are recorded in an immutable audit log. You may also contact support@llmsanitizer.com to exercise your rights.

Security is foundational to LLM Sanitizer. Our platform is built with a defense-in-depth approach, including network-level isolation, application-level encryption, and continuous monitoring. All API traffic is encrypted in transit via TLS (enforced by our hosting infrastructure). API keys are hashed using bcrypt before storage. Prompt content is processed in memory and not persisted to disk.

We conduct regular third-party penetration testing and maintain a responsible disclosure program. If you discover a security vulnerability, please report it to security@llmsanitizer.com. We are committed to responding to all reports within 24 hours and resolving critical issues within 72 hours.