Legal
Privacy Policy
Last updated 30 June 2026 · WardenAI LLC
1. Who we are
CapHound is an enterprise platform that attributes, governs, and enforces AI API spend. CapHound is operated by WardenAI LLC (“CapHound”, “we”). Our customers are businesses; we do not offer a consumer service and do not sell to individuals. Questions about this policy go to privacy@caphound.ai.
2. We never store prompt or response content
CapHound does not store the content of AI prompts or responses. This is a guarantee by design, not a setting you toggle: we record only cost and usage metadata — model, provider, token counts, timestamps, calculated cost, and customer/feature tags. There is no field for, and no code path that persists, message text, and an automated test fails our build if any prompt or response content reaches our database or logs. See our security page.
3. Information we process
- Customer account data — workspace name, member email addresses, and roles, for authentication and access control.
- Usage metadata — the cost and token telemetry above; never message content.
- Operational logs — request metadata, IP address, and timestamps, for security and reliability, retained per our schedule.
- Business contact data — company, contact, and plan details. CapHound is sales-led; there is no self-service signup.
We do not process special-category personal data, and we instruct customers not to place personal data into tags or metadata.
4. Sub-processors
| Sub-processor | Purpose | Region |
|---|---|---|
| Amazon Web Services | Hosting, database, storage, email | United States |
| Vercel | Marketing site hosting | US / global edge |
We keep an up-to-date sub-processor list and notify customers of material changes. Our providers’ audit and compliance reports are available to customers under NDA.
5. How we use information
To provide and secure the service, authenticate users, calculate and enforce AI spend, communicate with customers, and meet legal obligations. We do not sell personal information and do not use customer usage data to train models.
6. Retention
Usage metadata and aggregates are retained for the contractual term plus a defined archival window; operational and security logs follow our logging retention. On contract termination or a verified deletion request, customer data is deleted per our data-deletion process.
7. Your rights
Subject to applicable law (including GDPR and CCPA), individuals may request access, correction, deletion, or export of personal data, and may object to or restrict processing. Because we act as a B2B processor, requests from individuals are routed through the customer who controls the data. Contact privacy@caphound.ai and we will respond within the timelines required by law.
8. International transfers
Data is processed in the United States. For EU and UK customers we rely on Standard Contractual Clauses as incorporated in our Data Processing Addendum.
9. Security
We protect data with encryption in transit and at rest, strict tenant isolation, least-privilege access, and continuous monitoring. Learn more on our security page.
10. Changes & contact
We will post changes here and update the “last updated” date above. Questions: privacy@caphound.ai.
WardenAI LLC · 3132 Belay Pt, Castle Rock, CO 80108, USA.