Privacy Policy

What we collect

When you use the SafeModeration API, we collect the following:

Account information: Your email address, account creation date, plan tier, and any payment information processed by Stripe (we never receive or store full card numbers).

API request metadata for every request: request ID, timestamp, customer ID, the moderation decision returned, confidence scores, category scores, processing time, and an internal cache hash of the submitted content.

Submitted content from authenticated production requests: For authenticated API calls that pass through our production endpoint, we store the raw text content (for text moderation) or the image URL (for image moderation — never the image bytes themselves) alongside the metadata above. This enables you to review your moderation history in your dashboard. This applies to all authenticated production API requests, not just opt-in.

Customer correlation identifiers when provided: reference_id (required for production requests) and metadata (an optional JSON object, up to 4,096 bytes). The metadata object is free-form: you can include any keys your platform finds useful, such as content_type, author_id, thread_id, or any other identifiers that help you correlate moderation results with your own records. SafeModeration imposes no structure on the keys or values.

Usage data: Per-month request counts, credit consumption, and API key activity (which key was used, when).

Demo usage: If you use our public demo at safemoderation.com/demo, we store your email address and a record of each moderation request you made (decision, confidence, categories, timestamp). We do not store the submitted text content from demo requests.

What we don't store

Image handling. When you submit an image URL for moderation, our servers fetch the image from your URL, classify it, then immediately discard the image bytes. We do not store, cache, or retain raw image content. We compute a SHA-256 hash of the image bytes for caching purposes; only the hash is stored, not the image itself. The image URL is stored alongside the moderation result for your dashboard access and audit purposes.

We never use the content of your moderation requests as training data for AI or machine learning models — whether ours or any third party's. This commitment covers content used as training inputs for model weights. We may use anonymized, aggregated quality metrics (accuracy rates, false-positive rates, category distributions) derived from moderation requests to evaluate and improve the Service, but this evaluation activity does not constitute training.

We never share your content with other customers. Each customer's moderation history is isolated and accessible only to that customer.

We never sell your data. Period. Not to advertisers, not to data brokers, not to anyone.

Demo submissions are metadata-only. The demo endpoint stores the decision and categories but not the submitted text content.

How we use your data

We use the data we collect to:

• Operate the SafeModeration service — classifying content you submit and returning moderation decisions.
• Enable you to review your moderation history in your dashboard.
• Send usage notifications when you approach your monthly credit limit.
• Process billing and manage your subscription through Stripe.
• Detect abuse and enforce our acceptable use policy.
• Improve service quality by evaluating classifier performance using anonymized aggregated metrics (see "What we don't store" for what this does and does not include).

We do not sell your data to third parties or use it for advertising.

Third-party services

Operating SafeModeration requires routing your data through a small number of trusted infrastructure providers. Each has its own privacy policy and we link to them below.

• Amazon Web Services (AWS). We use AWS Rekognition as a content classification provider for image moderation. Image bytes may be sent to AWS Rekognition in the us-east-2 (Ohio) region for classification. AWS processes data under their standard data processing terms. See AWS's privacy policy.
• Beehiiv — We use Beehiiv to manage email newsletter subscriptions. When you subscribe to our newsletter, your email address and subscription preferences are sent to Beehiiv for processing and delivery. Beehiiv's handling of this data is governed by their privacy policy.
• Cloudflare Turnstile — We use Cloudflare Turnstile to protect our signup, login, and contact forms from automated abuse. Turnstile evaluates browser characteristics and visitor behavior to distinguish humans from bots, which may include IP address, browser type, and interaction patterns. Cloudflare's handling of this data is governed by their privacy policy.
• Google Analytics — We use Google Analytics 4 to understand aggregate visitor traffic on our public marketing pages (homepage, pricing, contact, documentation, blog). GA4 collects page views, device information, anonymized location, and visitor behavior. Event data is retained for 2 months; user data for 14 months; then automatically deleted. Google Signals is disabled — we do not enable cross-site or cross-device tracking. GA is not used on the demo, dashboard, or any signed-in surface. Google's use of this data is governed by their privacy policy.
• Netlify — We use Netlify to host the API and website. See Netlify's privacy policy.
• OpenAI. We use OpenAI's API as a content classification provider. Submitted content (text or image bytes) may be sent to OpenAI's API for classification. OpenAI processes data under their standard API data processing terms and does not train on API customer data. See OpenAI's enterprise privacy policy.
• Resend — We use Resend to send transactional emails (usage notifications, password resets, demo signup confirmations). See Resend's privacy policy.
• Stripe — We use Stripe for billing and payment processing. We never receive or store full credit card numbers. See Stripe's privacy policy.
• Supabase — We use Supabase (Postgres database hosting) to store account information, moderation history, and usage metadata. See Supabase's privacy policy.
• Upstash — We use Upstash for Redis caching (storing moderation results by content hash for 7 days to reduce duplicate processing costs) and rate limiting. Cached results contain only the moderation decision and category scores, never raw content. See Upstash's privacy policy.

Data retention

• Moderation logs (metadata + content): Retained for one year from the date of the moderation request, then automatically deleted. This includes the request metadata, the decision, the stored content (if from an authenticated production request), and the correlation identifiers (reference_id, metadata).
• Account data: Retained while your account is active. If you cancel, your account data is retained for 90 days after cancellation to allow for reactivation, then permanently deleted.
• Demo signup records: Retained for one year, then permanently deleted.
• Cached results: Stored in Redis for 7 days by content hash. The cache contains only moderation decisions, not raw content.
• Aggregated usage statistics: Per-customer monthly counts (requests, credits used, decision distribution) may be retained indefinitely in aggregated form for billing reconciliation and service improvement. These statistics do not include individual content.

Your rights

You have the following rights regarding data we hold about you:

• Access: You can request a copy of your account data and stored moderation history at any time by emailing support@safemoderation.com.
• Deletion: You can request deletion of your account and all associated data by emailing support@safemoderation.com. We will delete your data within 30 days of receiving a verified request. Note that anonymized aggregated statistics (e.g., monthly request counts in our billing system) may be retained after individual data deletion.
• Export: You can request a structured export of your stored moderation history (JSON format) at any time.
• Correction: You can update your account information (email, name, billing details) at any time through your dashboard. To correct other data, email support@safemoderation.com.

These rights apply regardless of where you are located. If you are in the European Union, United Kingdom, California, or another jurisdiction with specific data protection regulations, you may have additional rights under local law that we honor.

Children and minors

SafeModeration is a B2B service intended for use by businesses and developers. The Service is not directed at and is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete that information. If you believe a child has provided us with personal information, please contact support@safemoderation.com.

Security

We use a combination of technical and operational measures to protect data we handle:

• All API traffic uses TLS encryption in transit.
• Data at rest in our database (Supabase) is encrypted using standard at-rest encryption.
• API keys are stored as hashes, not plaintext. You can rotate keys at any time from your dashboard.
• Access to production systems is restricted via authentication and least-privilege principles.
• Our infrastructure providers (AWS, Supabase, Netlify, Upstash, Stripe, OpenAI, Resend) maintain their own security programs; we link to each provider's privacy policy in the "Third-party services" section above.

No system is perfectly secure. We work to reduce risk, but we cannot guarantee that data will never be subject to unauthorized access. If you have questions about our security practices, email support@safemoderation.com.

International data transfers

SafeModeration is operated from the United States. The data we collect, including data you submit through the API, is processed and stored in the United States. Our infrastructure providers (AWS, Supabase, Netlify, Upstash, Stripe, OpenAI, Resend) may store or process data in additional jurisdictions; see each provider's privacy policy linked in the "Third-party services" section above.

If you access the Service from outside the United States, you understand that your information will be transferred to, processed in, and stored in the United States. Privacy laws in the United States may differ from those in your jurisdiction. By using the Service, you consent to this transfer.

For customers subject to the EU General Data Protection Regulation (GDPR), the UK GDPR, or similar regulations, we are willing to enter into a Data Processing Agreement (DPA) that supports your compliance obligations. Contact support@safemoderation.com to request one.

Government and legal requests

We may disclose your data when required to do so by law — for example, in response to a subpoena, court order, or other valid legal process. We may also disclose data when we believe in good faith that doing so is necessary to investigate or prevent fraud, protect the safety of any person, address security or technical issues, or protect our rights or property.

Where permitted by law, we will notify customers before disclosing their data in response to a legal request, giving them an opportunity to challenge the request. We are not required to challenge requests on a customer's behalf.

Cookies and tracking

Our website uses a minimal set of cookies and analytics tools:

• Authentication cookies (Supabase) keep you signed in to your account. Used only on the demo and dashboard pages.
• Bot protection cookies (Cloudflare Turnstile) on signup, login, and contact forms to prevent automated abuse.
• Google Analytics on our public marketing pages (homepage, pricing, contact, documentation, blog) to understand aggregate visitor traffic patterns. We use Google Analytics 4 with default retention settings: 2 months for event data, 14 months for user data, then automatic deletion. Google Signals (cross-site and cross-device tracking) is disabled on our property. Google Analytics is NOT used on the demo, dashboard, or any signed-in surface. We use this data to understand which content drives interest in SafeModeration; we do not link analytics data to your customer account or moderation history.

We do not use cookies or pixels for advertising, marketing retargeting, or cross-site tracking. We do not sell behavioral data to third parties.

If you prefer not to be tracked by Google Analytics, you can install the official Google Analytics opt-out browser add-on, or use a browser with built-in tracking protection (Brave, Firefox with strict mode, Safari with Intelligent Tracking Prevention).

Data breach notification

If we become aware of a security breach that affects your personal information, we will notify you without undue delay and consistent with our obligations under applicable law. Notifications will be sent to the email address associated with your account and will describe the nature of the breach, the categories of data affected, and any steps you can take to protect yourself.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our infrastructure providers, or applicable law. Material changes will be communicated via email to active customers at least 14 days before they take effect. Continued use of the Service after the effective date of changes constitutes acceptance of the updated policy.

The current version's effective date is shown at the top of this page. A summary of substantive changes is maintained in the changelog at the bottom of this document.

Contact

Questions about this policy? Email us at support@safemoderation.com.

Changelog

• May 2026 — Material rewrite: corrected content storage description to reflect that authenticated production API requests store content for dashboard review (previously described an opt-in toggle that did not exist). Added explicit commitment to never use customer content as training data for AI/ML models. Added "Your rights" section covering access, deletion, export, and correction. Expanded "Third-party services" with full data flow descriptions and links to each provider's privacy policy. Specified retention periods for each data category. Added sections on children/minors, security practices, international data transfers, government and legal requests, cookies, and data breach notification. Additionally corrected the "Cookies and tracking" section to accurately disclose Google Analytics use on public marketing pages (homepage, pricing, contact, documentation, blog) with specific retention settings (2 months event data, 14 months user data) and confirmation that Google Signals is disabled. Added Beehiiv, Cloudflare Turnstile, and Google Analytics to "Third-party services" section (now listed alphabetically). Removed Google Analytics from the demo page, which was previously tracking authenticated user interactions.