Skip to content

Privacy Policy

Privacy at Chutes

Chutes is designed around minimal data retention. For public LLM inference, we do not log, store, or persist the content of your API requests or responses. This page explains where that guarantee applies, where it does not, and what metadata is still processed to run the platform.

Last updated: 2026-03-16

Core promise

We do not log, store, or persist the content of your API requests or responses. In standard API mode our servers may read request data transiently in memory to route and execute a request, but that content is never written to persistent storage. In end-to-end encryption mode, our servers cannot read the content at all.

Overview: Our Approach to Privacy

This policy covers several distinct contexts: public LLM inference, first-party Chutes applications, private or user-created chutes, website browsing, and billing. The privacy guarantees differ by context because the data flows differ by context.

  • Public LLM API usage has the strongest privacy guarantees and zero content logging.
  • Chutes applications such as chat interfaces may store content when persistence is a core feature.
  • Private and user-created chutes run arbitrary third-party code that we do not control.
  • Website browsing uses standard operational analytics and cookie mechanisms.
  • Billing requires minimal payment and usage metadata.

Public LLM API Usage: Zero Content Logging

When you use public models hosted by the Chutes system user, no content from your prompts, completions, conversation history, images, audio, or video is logged, stored, or persisted.

In standard API mode, request bodies may be read transiently in memory to route a request, validate parameters, or fetch remote media on your behalf. We also compute non-reversible prompt-prefix hashes for short-lived routing optimization. The content itself is never written to a database, log file, or other persistent storage.

What we collect

  • Timestamps, durations, token counts, model identifiers, and stop reasons.
  • Performance metrics such as throughput and time-to-first-token.
  • Billing metadata derived from usage.
  • Short-lived rate-limit counters and operational metrics.

What we do not collect

  • Prompt text or semantic request content.
  • Model responses or generated artifacts.
  • Conversation history for API usage.
  • Persistent IP-address records tied to invocation content.

Confidential Compute (TEE) and End-to-End Encryption

Some models expose confidential_compute: true. Those models run inside trusted execution environments backed by Intel TDX and NVIDIA Protected PCIe. That means request data is processed inside hardware-isolated memory.

We also support end-to-end encryption. In that mode the Chutes API relays ciphertext to the target instance and cannot decrypt the request or response body. Only a plaintext usage summary is appended for billing.

  • TEE mode protects data in use on supported hardware.
  • E2E mode prevents the API layer from reading content at all.
  • Together they provide the strongest privacy guarantees we can offer.

IP Address Handling

We do not store IP addresses in our core product databases. IP addresses may be processed ephemerally for rate limiting, abuse prevention, and operational defense.

Third-party infrastructure services such as CDN, firewall, and DDoS mitigation providers may also process request metadata in real time to protect the platform. That processing is strictly for security and availability.

Chutes Applications

First-party applications built by Chutes may store user content when persistence is the point of the product. For example, a chat application that offers saved conversation history stores that history so you can return to it later.

  • Stored application content is used to provide application functionality to you.
  • It is not used for model training.
  • Where deletion controls exist, you can remove that stored content through the product UI.

Private and User-Created Chutes

Chutes is also a serverless compute platform. When you invoke a private chute or a user-created chute, you are running arbitrary third-party code. We cannot guarantee how that code handles your data.

Treat non-system chutes as third-party software. Review the chute author’s policies and trust assumptions before sending sensitive data to them.

Website Usage and Cookies

When you browse chutes.ai, we may use standard cookies and session mechanisms for authentication, preferences, abuse prevention, and aggregate website analytics. Those cookies are separate from the zero-content guarantees described for public API inference.

If you accept cookies, we also use Google Analytics and Google Tag Manager to measure site usage, and Google Ads cookies for advertising, remarketing, and conversion measurement. Google may act as a recipient of this data. We default all advertising and analytics storage to denied (Google Consent Mode) until you accept, and you can change your choice at any time from your profile settings.

Billing and Payments

Payments may be processed through providers such as Stripe or through supported blockchain payment rails. We retain only the data required to reconcile balances, invoices, customer status, and fraud controls.

  • Payment card data is handled by the payment processor, not stored directly by Chutes.
  • Usage metadata is retained for billing, accounting, and support.
  • Cryptocurrency payments are visible on public ledgers by design.

Data Retention

We retain account, billing, and operational metadata only as long as needed for product operation, support, security, legal compliance, and financial recordkeeping. Public LLM request content is not retained because it is not stored in the first place.

Information Sharing

We do not sell your data. We may share limited information with infrastructure providers, payment processors, security vendors, professional advisors, or authorities where legally required and only to the extent necessary for those purposes.

If you use end-to-end encryption, the content we could disclose is still ciphertext that we cannot decrypt.

Contact

Questions about this policy can be sent to [email protected].