Privacy Policy

Last updated: June 10, 2026

Crumb (getcrumb.dev) is operated by an individual operator (“we”, “us”). You can reach us at legal@getcrumb.dev. Crumb lets workspace owners connect their own OpenAI API key and hand out temporary, limited ck_ keys to other people. This page explains what data we process to make that work.

The short version

• We do not store the content of your AI requests or responses. Prompts and completions pass through our proxy in memory only.
• We store the minimum account, key, and usage metadata needed to enforce limits, show dashboards, and keep the service safe.
• We don't run ads, we don't use tracking cookies or analytics scripts, and we never sell data.

Data we collect

• Account data — your email address, login timestamps, and one-time login codes (stored hashed, expiring within minutes).
• Workspace data — workspace names, pool and key settings, limits, and labels that owners configure.
• Provider credentials — the OpenAI API key a workspace owner connects. It is encrypted at rest with envelope encryption, never shown to recipients, and never logged.
• Recipient data — email addresses (and optional names) that workspace owners enter or import to grant access. Owners are responsible for having a basis to invite those people.
• Usage metadata — for each proxied API request: timestamp, key, model, endpoint, status, latency, token counts, and estimated cost. This is what powers limits and dashboards. Request and response bodies are not stored.
• Security telemetry — a salted, one-way hash of the requesting IP address and user agent, used only for abuse and security analysis. We do not store raw IP addresses for proxy requests.
• Audit and notification records — events such as key creation, reveals, rotations, and limit hits.

Cookies

One session cookie (crumb_session) keeps you signed in. There are no advertising, analytics, or third-party cookies.

How we use data

To provide the service (deliver keys, enforce limits, show usage), to secure it (abuse prevention, audit trails), and to send transactional email (login codes, key delivery, limit and security notifications). We send no marketing email.

Where data lives and who processes it

• Hosting — Contabo (Germany, EU). Application data stays on this infrastructure.
• Email — Amazon Web Services SES (EU region, Stockholm) delivers transactional email.
• Backups — encrypted (age public-key encryption) database backups are stored with Cloudflare R2. Backups are unreadable without a key that is not stored alongside them.
• OpenAI — proxied requests are forwarded to OpenAI using the workspace owner's own API key, under the owner's OpenAI account and OpenAI's terms.

Retention

• Usage metadata: up to 1 year during the beta.
• Audit records: retained for the life of the workspace for security and accountability.
• Login codes: minutes. Sessions: until logout or expiry.
• Account deletion: you can delete your account at any time; historical usage metadata tied to past key activity is retained where needed for the workspace owner's records and abuse prevention.
• Workspace deletion: scheduled with a grace period, then permanently deleted.

Your rights

You can request access to, export of, or deletion of your personal data by emailing legal@getcrumb.dev. If you are in the EU/EEA, you have the rights provided by the GDPR, including the right to complain to a supervisory authority. If you received a Crumb key from someone, the workspace owner who invited you decides how long your access lasts; we handle deletion requests for the data we hold.

Changes

We will update this page as the service evolves and change the date above. Material changes will be announced to account holders by email or in-app notice.