TrexAPI
LoginGet Started
Last updated: March 13, 2026

Privacy Policy

This Privacy Policy explains how TrexAPI, operated by ClawDiary (“TrexAPI,” “ClawDiary,” “we,” “our,” or “us”), collects, uses, stores, discloses, and protects information when you access or use our website, dashboard, APIs, legal pages, documentation, support channels, and related services (collectively, the “Services”), including workflows that may process prompts, payloads, fallback text, TrexIDs, and retrieval-related service content.

By accessing or using the Services, you acknowledge that you have read this Privacy Policy.

Because TrexAPI includes TrexID, payload, fallback text, caching, and retrieval workflows, some service content may be processed, temporarily stored, or retained as part of the features you choose to use.

1. Scope

This Privacy Policy applies to information we collect when you:

  • visit our website or legal/documentation pages;
  • create or use a TrexAPI account;
  • access the dashboard;
  • create, manage, or revoke API keys;
  • bind third-party provider credentials in the dashboard;
  • push, fetch, resolve, revoke, or otherwise interact with TrexID or TokenZip payload workflows;
  • subscribe to a paid plan or interact with our billing systems;
  • contact us for support, onboarding, sales, or security matters.

Third-party services

This Privacy Policy does not apply to third-party services, websites, or model providers that you access separately, including OpenAI, Anthropic, OpenRouter, payment providers, analytics vendors, or infrastructure providers, each of which may have its own privacy practices.

2. Information We Collect

We may collect the following categories of information.

A. Account and identity information

  • Email address
  • Login and authentication data
  • Account status
  • Profile or organization information you choose to provide
  • OAuth-related account identifiers where applicable

B. Billing and subscription information

We do not store full payment card numbers if payment processing is handled by a third-party billing provider.

  • Plan type and subscription status
  • Billing customer identifiers
  • Subscription identifiers
  • Invoice and payment metadata
  • Country or tax-related billing details you provide
  • Limited transaction records necessary for accounting, fraud prevention, support, and dispute handling

C. Operational and security metadata

  • IP address or approximate geo-derived session context
  • Device, browser, and request metadata
  • Authentication events
  • API key creation, revocation, and usage timestamps
  • Rate-limit, abuse-prevention, audit, and webhook logs
  • Error logs, performance logs, and reliability diagnostics

D. API and service usage information

  • Request timing and endpoint usage
  • Usage volume and request counts
  • Model routing metadata
  • Provider reconciliation metadata
  • Cached retrieval metadata
  • Service state associated with subscriptions, quotas, and access controls

E. Customer content and service content

Depending on how you use the Services, we may process:

  • prompts, payloads, fallback text, exact-preserved spans, semantic representations, TrexIDs, metadata fields, and related service content;
  • content you intentionally store, transmit, or resolve through TrexAPI;
  • support content you send to us for troubleshooting.

You are responsible for ensuring that you have all rights and permissions needed to submit content to the Services.

Depending on the workflow and product configuration, this service content may be handled in memory, cached, temporarily stored, or persistently stored so that TrexID resolution, payload retrieval, controlled expansion, billing reconciliation, and support functions can operate correctly.

F. Communications

  • Support emails and tickets
  • Sales or partnership communications
  • Product feedback
  • Security reports
  • Responses to surveys or other voluntary communications

G. Cookies and similar technologies

We may use cookies, local storage, or similar technologies for:

  • authentication and session continuity;
  • remembering preferences;
  • security and fraud prevention;
  • product analytics and performance monitoring.

3. How We Use Information

We use information for the following purposes:

  • to provide, operate, maintain, secure, and improve the Services;
  • to authenticate users and manage sessions;
  • to create, manage, suspend, or revoke accounts and API credentials;
  • to process subscriptions, renewals, cancellations, and billing events;
  • to reconcile usage, token savings, provider-billed tokens, and subscription entitlements;
  • to support TrexID, TokenZip payload, semantic routing, caching, retrieval, and related product workflows;
  • to monitor performance, diagnose technical issues, and prevent abuse;
  • to investigate fraud, security incidents, policy violations, and misuse;
  • to provide support, onboarding, and account assistance;
  • to communicate product, service, billing, security, and legal notices;
  • to comply with legal obligations and enforce our agreements.

4. Legal Bases for Processing

If and to the extent applicable under privacy law, we rely on one or more of the following legal bases:

  • performance of a contract with you;
  • our legitimate interests in operating, securing, and improving the Services;
  • compliance with legal obligations;
  • your consent, where required by law.

5. How We Share Information

We do not sell personal information.

We may share information only in the following circumstances:

A. Service providers and subprocessors

We may share information with vendors and service providers that help us operate the Services, including providers for:

  • hosting and infrastructure;
  • authentication;
  • payment processing and subscription management;
  • logging, monitoring, and analytics;
  • support tooling and communications;
  • security and fraud prevention.

B. Model and upstream providers

When you choose to route traffic or bind third-party provider credentials, certain request-related data may be transmitted to the relevant upstream provider as required to fulfill your request.

C. Legal and safety disclosures

We may disclose information if we believe in good faith that disclosure is necessary to:

  • comply with law, regulation, legal process, or governmental request;
  • protect the rights, property, or safety of TrexAPI, our users, or others;
  • investigate fraud, abuse, or security incidents;
  • enforce our Terms of Service or other agreements.

D. Business transfers

We may disclose or transfer information in connection with a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, subject to appropriate confidentiality and legal safeguards.

6. Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to:

  • operate and secure the Services;
  • maintain account history and subscription records;
  • investigate incidents and enforce our terms;
  • comply with tax, accounting, legal, and regulatory obligations;
  • resolve disputes.

Retention periods

Retention periods may vary depending on the type of information, the sensitivity of the data, legal requirements, and operational necessity.

Service content associated with prompts, payloads, fallback text, TrexIDs, cache entries, and retrieval workflows may also be retained for the duration needed to provide the relevant feature, protect the service, reconcile usage, or satisfy contractual and legal obligations.

We may delete or anonymize information when it is no longer reasonably necessary for these purposes.

7. Security

We use reasonable technical, administrative, and organizational measures designed to protect information. These may include access controls, encryption in transit, encrypted storage for sensitive materials where configured, audit logging, credential handling controls, and security monitoring.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the confidentiality of your account credentials, API keys, and any third-party provider credentials you choose to bind or use with the Services.

8. Provider Keys, Payloads, and Sensitive Content

TrexAPI may allow you to bind third-party provider credentials and route requests through our managed service layer. You acknowledge that:

  • such credentials and request content may be processed as necessary to provide the service;
  • TrexID or payload-related workflows may involve storage, retrieval, metadata handling, and controlled expansion;
  • you should not submit content unless you have the right to do so;
  • you remain responsible for your own compliance obligations to end users, customers, and third parties.

Enterprise commitments

If you require stronger contractual, encryption, residency, or isolation commitments, those may be available only under a separate enterprise or private deployment agreement.

9. International Transfers

We may process or store information in jurisdictions other than your own. By using the Services, you understand that your information may be transferred to and processed in countries that may have different data protection laws than your jurisdiction.

Where required, we will implement appropriate safeguards for cross-border transfers.

10. Your Rights and Choices

Depending on your jurisdiction, you may have rights to:

  • access personal information we hold about you;
  • request correction of inaccurate information;
  • request deletion of certain information;
  • object to or restrict certain processing;
  • withdraw consent where processing is based on consent;
  • request portability of certain information.

Account controls

You may also:

  • update certain account information in the dashboard;
  • cancel your subscription subject to the applicable billing terms;
  • contact us to request account deletion or data-access assistance.

Verification

We may need to verify your identity before fulfilling certain requests. Some information may be retained where legally required or operationally necessary.

11. California and Similar U.S. Privacy Disclosures

If applicable law requires additional privacy disclosures, including rights related to access, correction, deletion, or appeal, you may contact us using the information below. We do not sell personal information and do not share personal information for cross-context behavioral advertising as those terms may be defined by applicable law, unless we clearly state otherwise in the future.

12. Children’s Privacy

The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us and we will take appropriate steps to review and remove it where appropriate.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last updated” date and may provide additional notice where appropriate. Your continued use of the Services after an updated Privacy Policy becomes effective means the updated Privacy Policy applies to your use of the Services.

14. Contact

For privacy questions, data requests, or security/privacy concerns, contact:

ClawDiary

Email: [email protected]

If you submit a privacy request, please include the email address associated with your account and sufficient detail for us to locate your records.