Privacy Policy
Last updated: 2026-06-01T00:00:00.000Z
This Privacy Policy describes how Mingles AI (“we”, “us”) collects, uses, and shares information when you use the Gonka Gateway website and API (the “Service”). We aim to collect the minimum data required to run the Service, bill it correctly, and keep it secure.
1. Data we collect
Account data
- Email (Google OAuth or email signup), display name, profile picture URL.
- Optional wallet address linked for GNK payments.
- Account creation and last-login timestamps.
Billing data
- Subscription tier, period dates, renewal status.
- USD balance and GNK balance, transaction history.
- Stripe: customer ID, payment-method type, country, invoice metadata. We do not receive full card numbers.
- GNK on-chain: deposit transaction hashes and payer wallet addresses.
Usage data
- API requests: timestamp, model, token counts, status, latency, route, API-key identifier.
- Optional debug bodies retained only when enabled, auto-deleted after 7 days.
Technical
- IP (truncated for analytics), user-agent, referrer, UTM, cookie IDs (PostHog, Google Analytics 4).
Communications
- Emails to support@, billing@, legal@, security@ mingles.ai.
2. How we use data
- Provide the Service (auth, routing, billing).
- Process payments and prevent fraud.
- Detect abuse and protect the platform.
- Improve the Service via aggregated analytics.
- Send service emails; with consent, occasional product updates.
- Comply with law.
We do not train models on Customer Content. We do not sell personal data.
3. Legal bases (GDPR)
Contract, legitimate interests (security, analytics), consent (non-essential cookies, marketing emails), legal obligation.
4. Sub-processors
| Sub-processor | Purpose |
|---|---|
| Stripe, Inc. | USD card payments |
| Google LLC | OAuth, Analytics 4 |
| PostHog | Product analytics |
| hCaptcha | Bot mitigation |
| Cloud hosting provider | Hosting and database |
| Email delivery (Gmail / SMTP) | Transactional email |
| CoinGecko / market APIs | GNK/USD pricing |
| Gonka network operators | LLM inference execution |
Note on Gonka network: requests are forwarded to independent inference providers on the public Gonka network. The protocol minimizes information exposure to providers, but you should not submit secrets or regulated data through any LLM API, ours or otherwise.
5. International transfers
Where required, transfers rely on Standard Contractual Clauses or equivalent safeguards.
6. Retention
- Account/billing: account lifetime + up to 7 years post-closure.
- Request metadata: 90 days.
- Debug bodies: 7 days max.
- Support emails: 3 years.
- Marketing opt-outs: indefinite suppression list.
7. Your rights
Access, rectify, delete, restrict, port, withdraw consent, complain to a DPA.
Email privacy@mingles.ai to exercise rights.
8. Security
TLS in transit, encryption at rest, scoped tokens, hashed secrets, audit logs.
Report vulnerabilities to security@mingles.ai.
9. Children
Not directed at children under 13. Report to privacy@mingles.ai if collection is suspected.
10. Changes
Material changes announced by email at least 14 days in advance.
11. Contact
- Privacy: privacy@mingles.ai
- Security: security@mingles.ai
- Legal: legal@mingles.ai
Mingles AI · Gonka Gateway product.